Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Lotus Sametime 8.0.1

Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Lotus Sametime 8.0.1

CVE-2011-1038 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO.

Learn more about our Cis Benchmark Audit For Ibm I.