Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX. Rated low severity (CVSS 1.5). No vendor patch available.
IBM
XSS
Lotus Inotes
NVD
CVSS 2.0
1.5
EPSS
0.1%