Vulnerabilities > IBM > Lotus Protector FOR Mail Security > 2.8.1

DATE CVE VULNERABILITY TITLE RISK
2016-12-01 CVE-2016-2991 Cross-site Scripting vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Protector for Mail Security 2.8.0.0 through 2.8.1.0 before 2.8.1.0-22115 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
3.5
3.5
2014-03-25 CVE-2014-0887 OS Command Injection vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1
The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors.
network
high complexity
ibm CWE-78
7.1
7.1
2014-03-25 CVE-2014-0886 OS Command Injection vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1
The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands via unspecified vectors.
network
high complexity
ibm CWE-78
7.1
7.1
2014-03-25 CVE-2014-0885 Cross-Site Request Forgery (CSRF) vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1
Cross-site request forgery (CSRF) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
network
ibm CWE-352
6.8
6.8
2014-03-25 CVE-2014-0884 Cross-Site Scripting vulnerability in IBM Lotus Protector for Mail Security 2.8/2.8.1
Cross-site scripting (XSS) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
3.5
3.5