Lotus Domino Unspecified Cross-Site Scripting Vulnerability

IBM Lotus Domino is prone to a cross-site scripting vulnerability. This is due to insufficient input validation of data supplied through URI parameters.

An attacker may exploit this by enticing a victim user into visiting a malicious link that contains HTML and script code. If the link is followed, the embedded hostile HTML and script code may be interpreted by the victim's browser. The hostile code would be able to access properties of the site hosting the vulnerable software.

Exploitation may permit theft of cookie-based authentication credentials. Other attacks are also possible.


 

Privacy Statement
Copyright 2010, SecurityFocus