CVE Vulnerability

CVE-2007-6295

Cross-site scripting (XSS) vulnerability in the WebRunMenuFrame page in the online meeting center template in IBM Lotus Sametime before 8.0 allows remote attackers to inject arbitrary web script or HTML via the URI.

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://www-1.ibm.com/support/docview.wss?uid=sim5079c9d76e4fcf910852573a800495249
http://secunia.com/advisories/27941 Vendor Advisory
http://www.securityfocus.com/bid/26734
http://www.securitytracker.com/id?1019053
http://osvdb.org/39258
http://www.vupen.com/english/advisories/2007/4104
https://exchange.xforce.ibmcloud.com/vulnerabilities/38891
Configurations

Configuration 1

cpe:2.3:a:ibm:lotus_sametime:*:*:*:*:*:*:*:*
Information

Published : 2007-12-10 06:46

Updated : 2017-08-08 01:29

NVD link : CVE-2007-6295

Mitre link : CVE-2007-6295

Products Affected
No products.
CWE
CWE-79