IBM Lotus Domino Web Access Email Message HTML Injection Vulnerability

IBM Lotus Domino Web Access is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker could exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting victim in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.


 

Privacy Statement
Copyright 2010, SecurityFocus