CVE-2012-4825

IBM Lotus Notes Traveler <8.5.3.2 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in servlet/traveler/ILNT.mobileconfig in IBM Lotus Notes Traveler before 8.5.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) userId or (2) address parameter in a getClientConfigFile action.

References (2)

Scores

EPSS 0.0024
EPSS Percentile 46.2%

Classification

CWE
CWE-79
Status published

Affected Products (10)

ibm/lotus_notes_traveler < 8.5.3.1
ibm/lotus_notes_traveler
ibm/lotus_notes_traveler
ibm/lotus_notes_traveler
ibm/lotus_notes_traveler
ibm/lotus_notes_traveler
ibm/lotus_notes_traveler
ibm/lotus_notes_traveler
ibm/lotus_notes_traveler
n/a/n/a

Timeline

Published Oct 08, 2012
Tracked Since Feb 18, 2026