Cross-Site Scripting Vulnerabilities in IBM Sametime Classic Meeting Server
CVE-2013-0535

Currently unrated

Key Information:

Vendor: IBM
Status: Classic Meeting Server; Lotus Sametime
Vendor: CVE Published:; 2 May 2013

Summary

The Classic Meeting Server component of IBM Sametime has multiple cross-site scripting (XSS) vulnerabilities that allow remote authenticated users to execute arbitrary web scripts or HTML due to insufficient input validation through various unspecified vectors. This can lead to unauthorized actions and potential abuse of application features, posing a risk for users interacting with the meeting solutions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82657

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21635185

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21635545

x_refsource_CONFIRM

Timeline

Vulnerability published
May 2, 2013
Vulnerability Reserved
Dec 16, 2012