Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2011-02/0217.html | Exploit |
http://secunia.com/advisories/43430 | Vendor Advisory |
http://www.securityfocus.com/bid/46481 | Exploit |
https://exchange.xforce.ibmcloud.com/vulnerabilities/65555 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2011-03-01 23:00
Updated : 2024-02-04 17:54
NVD link : CVE-2011-1106
Mitre link : CVE-2011-1106
CVE.ORG link : CVE-2011-1106
JSON object : View
Products Affected
ibm
- lotus_sametime
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')