Cross-Site Scripting Vulnerability in IBM Lotus Mobile Connect
CVE-2011-4465

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Mobile Connect
Vendor: CVE Published:; 19 November 2011

Summary

The vulnerability in IBM Lotus Mobile Connect 6.1.4 enables remote attackers to exploit a cross-site scripting (XSS) flaw. By manipulating a hidden redirect URL, attackers can inject arbitrary web scripts or HTML, potentially leading to unauthorized actions or data exposure. This flaw poses a significant security risk, allowing malicious actors to target unsuspecting users and compromise their data integrity.

References

http://www.ibm.com/support/docview.wss?uid=swg27020327

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/72337

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg1IV07148

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Nov 19, 2011
Vulnerability Reserved
Nov 18, 2011