Unrated severityNVD Advisory· Published Mar 29, 2007· Updated Jun 16, 2026
CVE-2006-4843
CVE-2006-4843
Description
Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme.
Affected products
14cpe:2.3:a:ibm:lotus_domino:6.5.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:ibm:lotus_domino:6.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:6.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:6.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:6.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp1:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp2:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:6.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:6.5.5:*:fp1:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:6.5.5:*:fp2:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:7.0.2:*:*:*:*:*:*:*
- (no CPE)range: <6.5.6, <7.0.2 FP1
Patches
Vulnerability mechanics
References
7- secunia.com/advisories/24633nvdExploitVendor Advisory
- labs.idefense.com/intelligence/vulnerabilities/display.phpnvdVendor Advisory
- www-1.ibm.com/support/docview.wssnvd
- www.securityfocus.com/bid/23173nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2007/1133nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/33280nvd
News mentions
0No linked articles in our index yet.