CVE-2010-2277
IBM Lotus Connections - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) create or (2) edit form in the Communities component, the (3) verbiage field in the Bookmarks component, or (4) unspecified vectors related to the Mobile Blogs component.
References (6)
Scores
EPSS
0.0046
EPSS Percentile
64.0%
Classification
CWE
CWE-79
Status
published
Affected Products (3)
ibm/lotus_connections
ibm/lotus_connections
n/a/n/a
Timeline
Published
Jun 15, 2010
Tracked Since
Feb 18, 2026