Unrated severityNVD Advisory· Published Dec 21, 2013· Updated Jun 16, 2026
CVE-2013-4064
CVE-2013-4064
Description
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9ARMFA.
Affected products
15cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.5.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.5.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.5.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:9.0.0.0:*:*:*:*:*:*:*
- (no CPE)range: <= 8.5.3 FP5, 9.0.0
cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_inotes:8.5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_inotes:8.5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_inotes:8.5.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_inotes:8.5.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_inotes:8.5.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_inotes:9.0.0.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2- www-01.ibm.com/support/docview.wssnvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/86595nvd
News mentions
0No linked articles in our index yet.