CVE-2008-0354
IBM Lotus Sametime - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in the chat client in IBM Lotus Sametime 7.5 and 7.5.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted message, which triggers code execution after a mouseover event initiated by the victim.
References (6)
Scores
EPSS
0.0118
EPSS Percentile
78.5%
Classification
CWE
CWE-79
Status
draft
Affected Products (2)
ibm/lotus_sametime
ibm/lotus_sametime
Timeline
Published
Jan 18, 2008
Tracked Since
Feb 18, 2026