Multiple XSS Vulnerabilities in IBM Lotus Notes Traveler
CVE-2012-4825

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes Traveler
Vendor: CVE Published:; 8 October 2012

What is CVE-2012-4825?

IBM Lotus Notes Traveler contains multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web scripts or HTML. These vulnerabilities are exposed through the userId and address parameters in the getClientConfigFile action, enabling malicious activities that could compromise user data and system integrity. Ensuring that systems are updated and implementing sanitization measures for user inputs are crucial for mitigating associated risks.

References

http://archives.neohapsis.com/archives/fulldisclosure/201...

mailing-listx_refsource_FULLDISC

http://www-01.ibm.com/support/docview.wss?uid=swg21612229

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 8, 2012