Detections
Analytics
IBM Lotus Notes/Domino Square Brackets Encoding Failure XSS
medium Nessus Plugin ID 15514
Language:
Synopsis
The remote web server is prone to a cross-site scripting attack.Description
The remote server is vulnerable to cross-site scripting, when requesting a .nsf file with html arguments, as in :GET /FormReflectingURLValue?OpenForm&Field=[XSS]
Solution
None at this time.Plugin Details
Severity: Medium
ID: 15514
File Name: domino_xss2.nasl
Version: 1.18
Type: remote
Family: CGI abuses : XSS
Published: 10/19/2004
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.8
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
Vulnerability Information
CPE: cpe:/a:ibm:lotus_domino
Exploit Ease: No exploit is required
Patch Publication Date: 10/18/2004
Vulnerability Publication Date: 10/18/2004
Reference Information
CVE: CVE-2004-1621
BID: 11458