Strix
26.1K

CVE-2010-0920

UnknownEPSS 1.03%

Last modified

CVE-2010-0920 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes.". EPSS estimates a 1.03% chance of exploitation in the next 30 days.

Description

Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."

Metrics

EPSS Probability
1.03%

59.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
IbmLotus Inotes<= 229.271
IbmLotus Inotes229.011
IbmLotus Inotes229.021
IbmLotus Inotes229.031
IbmLotus Inotes229.041
IbmLotus Inotes229.051
IbmLotus Inotes229.061
IbmLotus Inotes229.101
IbmLotus Inotes229.111
IbmLotus Inotes229.131
IbmLotus Inotes229.141
IbmLotus Inotes229.151
IbmLotus Inotes229.161
IbmLotus Inotes229.171
IbmLotus Inotes229.181
IbmLotus Inotes229.191
IbmLotus Inotes229.201
IbmLotus Inotes229.211
IbmLotus Inotes229.221
IbmLotus Inotes229.231
IbmLotus Inotes229.241
IbmLotus Inotes229.251
IbmLotus Inotes229.261

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2010-0920?
Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."
How severe is CVE-2010-0920?
Severity scoring for CVE-2010-0920 is pending analysis. The EPSS model estimates a 1.03% probability of exploitation in the next 30 days.
How do I fix CVE-2010-0920?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-0920?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST