IBM Lotus Connections 'simpleSearch.do' Cross Site Scripting Vulnerability

IBM Lotus Connections 'simpleSearch.do' Cross Site Scripting Vulnerability

Attackers can exploit this issue by enticing an unsuspecting victim into following a malicious URI.

The following example URI is available:

https://www.example.com/profiles/html/simpleSearch.do?name=<IMG%20SRC="vbscript:msgbox(document.cookie)'>&lang=en