Cross-site Scripting Vulnerability in IBM Lotus iNotes by IBM
CVE-2009-3105

Currently unrated

Key Information:

Vendor: IBM
Status: Domino Web Access
Vendor: CVE Published:; 8 September 2009

Summary

A cross-site scripting vulnerability exists in IBM Lotus iNotes, commonly known as Domino Web Access. This flaw allows remote attackers to inject arbitrary web scripts or HTML into vulnerable installations, potentially compromising user data and leading to further attacks. Affected versions are those before 211.241 for Domino 8.0.1. Proper validation and sanitization of user inputs are crucial to mitigate this risk.

References

http://www.securityfocus.com/bid/36292

vdb-entryx_refsource_BID

http://secunia.com/advisories/36626

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2009/2557

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Sep 8, 2009
Vulnerability Reserved
Sep 8, 2009