CVE-2011-1038

2011-02-22T14:00:02
ID CVE-2011-1038
Type cve
Reporter NVD
Modified 2018-10-09T15:30:14

Description

Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO.