CVE-2010-2277

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Connections
Vendor: CVE Published:; 15 June 2010

Summary

Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) create or (2) edit form in the Communities component, the (3) verbiage field in the Bookmarks component, or (4) unspecified vectors related to the Mobile Blogs component.

References

http://www.vupen.com/english/advisories/2010/1281

vdb-entryx_refsource_VUPEN

http://www-1.ibm.com/support/docview.wss?uid=swg1LO47921

vendor-advisoryx_refsource_AIXAPAR

http://www-1.ibm.com/support/docview.wss?uid=swg1LO47214

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 15, 2010