CVE-2011-1106 Information

Description

Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.

Reference

http://archives.neohapsis.com/archives/bugtraq/2011-02/0217.html http://secunia.com/advisories/43430 http://www.securityfocus.com/bid/46481 https://exchange.xforce.ibmcloud.com/vulnerabilities/65555