Vulnerabilities > CVE-2005-3015 - Cross-Site Scripting vulnerability in IBM Lotus Domino and Lotus Domino Enterprise Server
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | CGI abuses : XSS |
| NASL id | LOTUS_DOMINO_XSS.NASL |
| description | The remote host runs Lotus Domino web server. The installed version of Lotus Domino is vulnerable to multiple cross- site scripting attacks due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to execute malicious script code in a user |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 19764 |
| published | 2005-09-20 |
| reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/19764 |
| title | Lotus Domino Multiple Script Src / BaseTarget XSS |