Cross-Site Scripting Vulnerability in IBM iNotes

CVE-2016-0282

What is CVE-2016-0282?

A cross-site scripting vulnerability exists in IBM iNotes prior to version 8.5.3 FP6 IF2. This issue allows remote authenticated users to execute arbitrary web script or HTML by exploiting a crafted URL, which could potentially compromise user sessions or lead to unauthorized actions.

References