Cross-Site Scripting Vulnerability in IBM Lotus Quickr by IBM
CVE-2008-2163

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Quickr
Vendor: CVE Published:; 13 May 2008

Summary

A cross-site scripting vulnerability exists in IBM Lotus Quickr 8.1 prior to specific hotfixes, allowing remote attackers to inject arbitrary web scripts or HTML. This issue is particularly related to WYSIWYG editors, which can be exploited through various vectors, potentially compromising web applications and user data.

References

http://www.vupen.com/english/advisories/2008/1502/references

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/29175

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/42360

vdb-entryx_refsource_XF

Timeline

Vulnerability published
May 13, 2008
Vulnerability Reserved
May 13, 2008