Alcatel-Lucent OmniTouch 8400 Instant Communications Suite Multiple Input Validation Vulnerabilities
Alcatel-Lucent OmniTouch 8400 Instant Communications Suite is prone to multiple input-validation vulnerabilities including:
- Multiple cross-site scripting vulnerabilities
- Multiple cross-site request-forgery vulnerabilities
- Multiple HTML-injection vulnerabilities
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, disclose or modify sensitive information, or perform unauthorized actions. Other attacks are also possible.