Cross-Site Scripting Vulnerability in IBM Lotus Connections Mobile Subsystem
CVE-2009-3816

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Connections
Vendor: CVE Published:; 28 October 2009

Summary

IBM Lotus Connections 2.5.0.0 has a series of cross-site scripting (XSS) vulnerabilities in the Activities pages of the Mobile subsystem. These flaws permit remote attackers to inject arbitrary web scripts or HTML content through unspecified vectors, potentially compromising user data and executing unauthorized actions within the affected application.

References

http://secunia.com/advisories/37106

third-party-advisoryx_refsource_SECUNIA

http://www-1.ibm.com/support/docview.wss?uid=swg1LO43637

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg24024303

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 28, 2009