CVE-2006-4843 : Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in

Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme.

Published 2007-03-29 21:19:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: Cross site scripting (XSS)

Products affected by CVE-2006-4843

IBM » Lotus Domino » Version: 6.5.1
cpe:2.3:a:ibm:lotus_domino:6.5.1:*:*:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 6.5.0
cpe:2.3:a:ibm:lotus_domino:6.5.0:*:*:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 6.5.2
cpe:2.3:a:ibm:lotus_domino:6.5.2:*:*:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 6.5.3
cpe:2.3:a:ibm:lotus_domino:6.5.3:*:*:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 6.5.4
cpe:2.3:a:ibm:lotus_domino:6.5.4:*:*:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 7.0
cpe:2.3:a:ibm:lotus_domino:7.0:*:*:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 6.5.4 FP2 Edition
cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp2:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 6.5.4 FP1 Edition
cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp1:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 7.0.1
cpe:2.3:a:ibm:lotus_domino:7.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 7.0.2
cpe:2.3:a:ibm:lotus_domino:7.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 6.5.5
cpe:2.3:a:ibm:lotus_domino:6.5.5:*:*:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 6.5.5 FP1 Edition
cpe:2.3:a:ibm:lotus_domino:6.5.5:*:fp1:*:*:*:*:*
Matching versions
IBM » Lotus Domino » Version: 6.5.5 FP2 Edition
cpe:2.3:a:ibm:lotus_domino:6.5.5:*:fp2:*:*:*:*:*
Matching versions

Threat overview for CVE-2006-4843

Top countries where our scanners detected CVE-2006-4843

Top open port discovered on systems with this issue 110

IPs affected by CVE-2006-4843 162

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2006-4843!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2006-4843

EPSS FAQ

0.52%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 64 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-4843

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2006-4843

Jump to

Vulnerability Details : CVE-2006-4843

Products affected by CVE-2006-4843

Threat overview for CVE-2006-4843

Exploit prediction scoring system (EPSS) score for CVE-2006-4843

CVSS scores for CVE-2006-4843

References for CVE-2006-4843