CVE-2011-1038

Multiple cross-site scripting XSS vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via 1 the messageString parameter in a WebMessage action or 2 the PATHINFO...