CVE-2011-1106

Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:lotus_sametime:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_sametime:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_sametime:8.0.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-03-01 23:00

Updated : 2024-02-04 17:54


NVD link : CVE-2011-1106

Mitre link : CVE-2011-1106

CVE.ORG link : CVE-2011-1106


JSON object : View

Products Affected

ibm

  • lotus_sametime
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')