CVE-2010-2280

EUVD-2010-2290
Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "mobile edit actions," aka SPR ASRE83PPVH.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
ibmlotus_connections
2.5.0
ibmlotus_connections
2.5.0.1
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/40007
http://www-01.ibm.com/support/docview.wss?uid=swg21431472
http://www.vupen.com/english/advisories/2010/1281
http://secunia.com/advisories/40007
http://www-01.ibm.com/support/docview.wss?uid=swg21431472
http://www.vupen.com/english/advisories/2010/1281