XSS Vulnerability in IBM Sametime Links Server
CVE-2013-0533

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Sametime
Vendor: CVE Published:; 28 April 2013

What is CVE-2013-0533?

The vulnerability involves a cross-site scripting flaw in the Sametime Links server within IBM Sametime versions 8.0.2 through 8.5.2.1. This issue enables remote authenticated users to inject arbitrary web scripts or HTML into web pages via unspecified vectors, potentially compromising user data and allowing attackers to execute malicious scripts in the user's browser context. Organizations utilizing these versions of IBM Sametime should implement timely updates or workarounds to mitigate the risks associated with this vulnerability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82655

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21633620

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 28, 2013
Vulnerability Reserved
Dec 16, 2012