Cross-Site Scripting Vulnerability in IBM Lotus Connections
CVE-2013-0503

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Connections
Vendor: CVE Published:; 23 April 2013

Summary

A cross-site scripting (XSS) vulnerability exists within the Bookmarks component of IBM Lotus Connections prior to version 4.0 CR3. This flaw permits unauthorized individuals to inject arbitrary web scripts or HTML into affected systems through unspecified vectors. If exploited, this vulnerability could allow attackers to manipulate user sessions, redirect users to malicious websites, or inject harmful scripts into legitimate sites, potentially compromising user data and security.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82265

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21634538

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1LO74182

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Apr 23, 2013
Vulnerability Reserved
Dec 16, 2012