CVE-2011-1038
Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
ibm | lotus_sametime | 8.0.1 |
Common Weakness Enumeration