CVE-2008-4805 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the community title (2) API input and vectors related to the (3) Homepage (4) Blogs (5) Profiles (6) Dogear (7) Activities and (8) Global Search components. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Reference

http://secunia.com/advisories/32466 http://www.securityfocus.com/bid/31989 http://www-01.ibm.com/support/docview.wss?uid=swg27014008 https://exchange.xforce.ibmcloud.com/vulnerabilities/46210 https://exchange.xforce.ibmcloud.com/vulnerabilities/46211 https://exchange.xforce.ibmcloud.com/vulnerabilities/46215

Share on: