Vulnerability Description
Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to "WYSIWYG editors."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Aix | All versions |
| Ibm | I5Os | All versions |
| Microsoft | Windows Nt | All versions |
| Ibm | Lotus Quickr | 8.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/30204Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg27013341
- http://www-1.ibm.com/support/docview.wss?uid=swg24018711Patch
- http://www.securityfocus.com/bid/29175
- http://www.vupen.com/english/advisories/2008/1502/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42360
- http://secunia.com/advisories/30204Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg27013341
- http://www-1.ibm.com/support/docview.wss?uid=swg24018711Patch
- http://www.securityfocus.com/bid/29175
- http://www.vupen.com/english/advisories/2008/1502/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42360
FAQ
What is CVE-2008-2163?
CVE-2008-2163 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via ...
How severe is CVE-2008-2163?
CVE-2008-2163 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2163?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Aix, Ibm I5Os, Microsoft Windows Nt, Ibm Lotus Quickr.