Description
Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.
Exploits (1)
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65555
Exploit mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2011-02/0217.html
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/46481
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43430
Scores
EPSS
0.0139
EPSS Percentile
80.5%
Details
CWE
CWE-79
Status
published
Products (3)
ibm/lotus_sametime
ibm/lotus_sametime
8.0
ibm/lotus_sametime
8.0.1
Published
Mar 01, 2011
Tracked Since
Feb 18, 2026