Vulnerabilities > IBM > Lotus Protector FOR Mail Security > 2.8.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-12-01 | CVE-2016-2991 | Cross-site Scripting vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1 Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Protector for Mail Security 2.8.0.0 through 2.8.1.0 before 2.8.1.0-22115 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2014-03-25 | CVE-2014-0887 | OS Command Injection vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1 The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors. | 7.1 |
2014-03-25 | CVE-2014-0886 | OS Command Injection vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1 The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands via unspecified vectors. | 7.1 |
2014-03-25 | CVE-2014-0885 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1 Cross-site request forgery (CSRF) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2014-03-25 | CVE-2014-0884 | Cross-Site Scripting vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1 Cross-site scripting (XSS) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |