VYPR
Unrated severityNVD Advisory· Published Aug 23, 2015· Updated Jun 17, 2026

CVE-2015-2014

CVE-2015-2014

Description

Open redirect vulnerability in the web server in IBM Domino 8.5 before 8.5.3 FP6 IF9 and 9.0 before 9.0.1 FP4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via a crafted URL, aka SPR SJAR9DNGDA.

Affected products

6
  • IBM/Lotus Domino6 versions
    cpe:2.3:a:ibm:domino:8.5.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:ibm:domino:8.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino:8.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino:8.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino:8.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino:9.0.1:*:*:*:*:*:*:*
    • (no CPE)range: 8.5 < 8.5.3 FP6 IF9, 9.0 < 9.0.1 FP4

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.