Unrated severityNVD Advisory· Published Aug 23, 2015· Updated Jun 17, 2026
CVE-2015-2014
CVE-2015-2014
Description
Open redirect vulnerability in the web server in IBM Domino 8.5 before 8.5.3 FP6 IF9 and 9.0 before 9.0.1 FP4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via a crafted URL, aka SPR SJAR9DNGDA.
Affected products
6cpe:2.3:a:ibm:domino:8.5.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:ibm:domino:8.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:domino:8.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:domino:8.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:domino:8.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:domino:9.0.1:*:*:*:*:*:*:*
- (no CPE)range: 8.5 < 8.5.3 FP6 IF9, 9.0 < 9.0.1 FP4
Patches
Vulnerability mechanics
References
2- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www.securitytracker.com/id/1033271nvd
News mentions
0No linked articles in our index yet.