CVE-2016-5883

Summary

IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationiNotes9.0affected
IBM CorporationiNotes8.5.3affected
IBM CorporationiNotes8.5.2affected
IBM CorporationiNotes8.5.1affected
IBM CorporationiNotes8.5affected
IBM CorporationiNotes8.0.2affected
IBM CorporationiNotes8.5.3.6affected
IBM CorporationiNotes9.0.1affected
IBM CorporationiNotes8.58.5.3affected
IBM CorporationiNotesFixaffected
IBM CorporationiNotesPackaffected
IBM CorporationiNotes6affected
IBM CorporationiNotesInterimaffected
IBM CorporationiNotes1affected
IBM CorporationiNotes8.5.xaffected
IBM CorporationiNotes8.5.1.5affected
IBM CorporationiNotes8.5.2.4affected
IBM CorporationiNotes9.0.1.7affected

Weaknesses

  • Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References