Cross-Site Scripting Vulnerability in IBM Lotus Web Content Management
CVE-2010-0357

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Web Content Management
Vendor: CVE Published:; 20 January 2010

What is CVE-2010-0357?

The vulnerability allows remote attackers to execute arbitrary web scripts or HTML by injecting them via unspecified parameters on the Login page of IBM Lotus Web Content Management. This issue affects specific versions of the software prior to their respective iFix releases, potentially compromising the security of web portals by enabling unauthorized access to user sessions.

References

http://secunia.com/advisories/38174

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/55663

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2010/0149

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 20, 2010
Vulnerability Reserved
Jan 20, 2010