Lotus Sametime Security Vulnerabilities and Issues — Lotus Sametime CVE List

Lucene search

IbmLotus Sametime

6 matches found

CVE•added 2011/03/01 11:0 p.m.•43 views

CVE-2011-1106

Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.

4.3CVSS5.7AI score0.00779EPSS

CVE•added 2013/11/08 3:55 p.m.•38 views

CVE-2013-3986

IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause a denial of service (WebPlayer Firefox extension crash) via a crafted Audio Visual (AV) session.

4.3CVSS6.5AI score0.40565EPSS

CVE•added 2011/02/22 7:0 p.m.•37 views

CVE-2011-1038

Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO.

4.3CVSS5.6AI score0.03015EPSS

CVE•added 2008/01/18 10:0 p.m.•36 views

CVE-2008-0354

Cross-site scripting (XSS) vulnerability in the chat client in IBM Lotus Sametime 7.5 and 7.5.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted message, which triggers code execution after a mouseover event initiated by the victim.

4.3CVSS6AI score0.01177EPSS

CVE•added 2007/08/03 8:17 p.m.•35 views

CVE-2007-4142

Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a crafted Sametime meeting.

4.3CVSS5.5AI score0.00427EPSS

CVE•added 2007/12/10 6:46 p.m.•34 views

CVE-2007-6295

Cross-site scripting (XSS) vulnerability in the WebRunMenuFrame page in the online meeting center template in IBM Lotus Sametime before 8.0 allows remote attackers to inject arbitrary web script or HTML via the URI.

4.3CVSS5.6AI score0.00427EPSS