{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-03-05T17:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "38481", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38481"}, {"tags": ["x_refsource_MISC"], "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2010_0301_IBM_%20Lotus_Dominio_Readme_nsf_Reflected_XSS.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-0927", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "38481", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38481"}, {"name": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2010_0301_IBM_%20Lotus_Dominio_Readme_nsf_Reflected_XSS.pdf", "refsource": "MISC", "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2010_0301_IBM_%20Lotus_Dominio_Readme_nsf_Reflected_XSS.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:06:52.448Z"}, "title": "CVE Program Container", "references": [{"name": "38481", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38481"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2010_0301_IBM_%20Lotus_Dominio_Readme_nsf_Reflected_XSS.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-0927", "datePublished": "2010-03-05T17:00:00Z", "dateReserved": "2010-03-05T00:00:00Z", "dateUpdated": "2024-09-16T19:31:44.522Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8FDDB5FD-9152-4A9C-829B-8BA2ACB3A5A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A8A7AF44-125F-4760-8370-34B7B4CB8753", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "48E4A116-4FEF-4EAF-B4C4-F6096853F791", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "69495B18-39A4-443F-A724-F713C4DD14A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "63DD600E-2405-4954-B4EC-218ED0CF2492", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "42C54057-4166-476B-A184-CD3F4844D0D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "A0224534-201F-428A-A2D8-2C957BF57149", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A946E7EE-769E-4676-AA7A-97CDD9168A5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AA31957-2452-4992-8DDA-7DDAAD09EC1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920."}, {"lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en help/readme.nsf/Header en the Help component en IBM Lotus Domino v7.x anteriores a v7.0.4 y v8.x anteriores a v8.0.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria a trav\u00e9s del par\u00e1metro \"BaseTarget\" en una acci\u00f3n OpenPage. NOTA: Esta vulnerabilidad se solapa con CVE-2010-0920."}], "id": "CVE-2010-0927", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-03-05T17:30:00.347", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2010_0301_IBM_%20Lotus_Dominio_Readme_nsf_Reflected_XSS.pdf"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/38481"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2010_0301_IBM_%20Lotus_Dominio_Readme_nsf_Reflected_XSS.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/38481"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}