Cross-Site Scripting Flaw in IBM Lotus Notes Traveler
CVE-2010-4544

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes Traveler
Vendor: CVE Published:; 16 December 2010

Summary

A Cross-Site Scripting (XSS) vulnerability exists in the servlet of IBM Lotus Notes Traveler prior to version 8.5.1.3. This flaw allows remote attackers to inject arbitrary web scripts or HTML through unspecified attack vectors. Successful exploitation may lead to unauthorized actions taken on behalf of users, making it crucial for affected organizations to implement appropriate security measures to mitigate these risks.

References

http://www.vupen.com/english/advisories/2010/3193

vdb-entryx_refsource_VUPEN

http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes...

x_refsource_CONFIRM

http://www-1.ibm.com/support/docview.wss?uid=swg1LO52324

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Dec 16, 2010
Vulnerability Reserved
Dec 16, 2010