Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2011-02/0217.html | Exploit |
http://secunia.com/advisories/43430 | Vendor Advisory |
http://www.securityfocus.com/bid/46481 | Exploit |
https://exchange.xforce.ibmcloud.com/vulnerabilities/65555 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2011-03-01 15:00
Updated : 2017-08-16 18:33
NVD link : CVE-2011-1106
Mitre link : CVE-2011-1106
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
ibm
- lotus_sametime