CVE-2011-3576

EUVD-2011-3539
Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 allows remote attackers to inject arbitrary web script or HTML via the PanelIcon parameter in an fmpgPanelHeader ReadForm action to WebAdmin.nsf.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Affected Products (NVD)
VendorProductVersion
ibmlotus_domino
8.5.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.research.reversingcode.com/index.php/advisories/73-ibm-ssd-1012211
http://www.securityfocus.com/bid/49701
http://www.research.reversingcode.com/index.php/advisories/73-ibm-ssd-1012211
http://www.securityfocus.com/bid/49701