本ページは ibm inotes に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2017-1659 | "HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials." | [email protected] | 6.1 | 0.67% | 2020-07-01 | 2026-06-16 |
| CVE-2013-0594 | Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. | [email protected] | 6.1 | 1.25% | 2018-07-11 | 2026-06-16 |
| CVE-2013-0592 | Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815. | [email protected] | 5.4 | 0.70% | 2018-07-11 | 2026-06-16 |
| CVE-2013-0589 | IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371. | [email protected] | 7.5 | 1.76% | 2018-07-11 | 2026-06-16 |
| CVE-2017-1421 | IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 6.1 | 1.05% | 2017-12-13 | 2026-06-16 |
| CVE-2017-1130 | IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371. | [email protected] | 6.5 | 29.22% | 2017-09-05 | 2026-06-16 |
| CVE-2017-1129 | IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370. | [email protected] | 6.5 | 30.07% | 2017-09-05 | 2026-06-16 |
| CVE-2017-1327 | IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062. | [email protected] | 6.1 | 0.97% | 2017-08-03 | 2026-06-16 |
| CVE-2017-1332 | IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234. | [email protected] | 6.1 | 0.98% | 2017-07-31 | 2026-06-16 |
| CVE-2017-1214 | IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854. | [email protected] | 5.7 | 1.30% | 2017-06-12 | 2026-06-16 |
| CVE-2017-1325 | IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976. | [email protected] | 6.1 | 0.85% | 2017-05-26 | 2026-06-16 |
| CVE-2016-9990 | IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824. | [email protected] | 6.1 | 1.25% | 2017-03-31 | 2026-06-16 |
| CVE-2016-5883 | IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010. | [email protected] | 6.1 | 1.10% | 2017-02-23 | 2026-06-16 |
| CVE-2016-5881 | IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 6.1 | 0.96% | 2017-02-01 | 2026-06-16 |
| CVE-2016-6113 | IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 6.1 | 0.96% | 2017-02-01 | 2026-06-16 |
| CVE-2016-5884 | IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 6.1 | 0.96% | 2017-02-01 | 2026-06-16 |
| CVE-2016-5882 | IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 6.1 | 0.96% | 2017-02-01 | 2026-06-16 |
| CVE-2016-5880 | IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 5.4 | 0.72% | 2017-02-01 | 2026-06-16 |
| CVE-2016-2939 | IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 6.1 | 0.96% | 2017-02-01 | 2026-06-16 |
| CVE-2016-2938 | IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 6.1 | 0.96% | 2017-02-01 | 2026-06-16 |