NuytsTech Security

CVE-2011-1038

by ·

Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO.

Date published : 2011-02-22

http://www.securityfocus.com/bid/46471

http://www.securityfocus.com/archive/1/516563/100/0/threaded

Tags: