CyberSec.Space Logo
Back to CVE Browser

CVE-2001-1161

HIGH
7.5
CVSS Severity Score
EPSS Score0.1210%
EPSS Percentile41.96th
PublishedJul 2, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script.

Affected Platforms (CPE)

πŸ“¦
Lotus

Domino R5 Server

= 5.0.6

References & Advisories

πŸ”— http://www.iss.net/security_center/static/6789.php
πŸ”— http://www.kb.cert.org/vuls/id/642239
πŸ”— http://www.osvdb.org/1887
πŸ”— http://www.securityfocus.com/archive/1/194465
πŸ”— http://www.securityfocus.com/archive/1/194609
πŸ”— http://www.securityfocus.com/bid/2962
πŸ”— http://www.iss.net/security_center/static/6789.php
πŸ”— http://www.kb.cert.org/vuls/id/642239

Related Vulnerabilities

CVE-2006-011910.0

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due...

CVE-2001-013010.0

Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers t...

CVE-2003-017810.0

Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute a...

CVE-2007-167510.0

Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x b...