CVE-2011-1038

2011-02-22T14:00:02
ID CVE-2011-1038
Type cve
Reporter NVD
Modified 2017-08-16T21:33:48

Description

Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO.