CVE-2010-0921

Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."

Published: Mar 3, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-0921
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
ibm / lotus_inotes	-	229.271.x
ibm / lotus_inotes	229.011	229.011.x
ibm / lotus_inotes	229.021	229.021.x
ibm / lotus_inotes	229.031	229.031.x
ibm / lotus_inotes	229.041	229.041.x
ibm / lotus_inotes	229.051	229.051.x
ibm / lotus_inotes	229.061	229.061.x
ibm / lotus_inotes	229.101	229.101.x
ibm / lotus_inotes	229.111	229.111.x
ibm / lotus_inotes	229.131	229.131.x
ibm / lotus_inotes	229.141	229.141.x
ibm / lotus_inotes	229.151	229.151.x
ibm / lotus_inotes	229.161	229.161.x
ibm / lotus_inotes	229.171	229.171.x
ibm / lotus_inotes	229.181	229.181.x
ibm / lotus_inotes	229.191	229.191.x
ibm / lotus_inotes	229.201	229.201.x
ibm / lotus_inotes	229.211	229.211.x
ibm / lotus_inotes	229.221	229.221.x
ibm / lotus_inotes	229.231	229.231.x
ibm / lotus_inotes	229.241	229.241.x
ibm / lotus_inotes	229.251	229.251.x
ibm / lotus_inotes	229.261	229.261.x

Vulnerability Database

289,697

CVE-2010-0921