CVE-2012-4848

2012-12-19T06:55:54
ID CVE-2012-4848
Type cve
Reporter NVD
Modified 2017-08-28T21:32:23

Description

Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Foundations Start before 1.2.2c allow remote authenticated users to inject arbitrary web script or HTML via a Webconfig Users user-attribute field, as demonstrated by the (1) First Name or (2) Last Name field.