ID de Prueba:	1.3.6.1.4.1.25623.1.0.103084
Categoría:	Web application abuses
Título:	IBM Lotus Sametime Server 'stconf.nsf' Cross Site Scripting Vulnerability
Resumen:	IBM Lotus Sametime Server is prone to a cross-site scripting; vulnerability because it fails to sufficiently sanitize user-supplied data.
Descripción:	Summary: IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Vulnerability Impact: An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Affected Software/OS: IBM Lotus Sametime 8.0.1 is vulnerable. Other versions may also be affected. Solution: Apply the patch for this vulnerability (8.0.1.0-Lotus-ST-IF-RPOH-8F7KAT), available from IBM Support and Downloads. See References. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1038 BugTraq ID: 46471 http://www.securityfocus.com/bid/46471 Bugtraq: 20110221 Domino Sametime Multiple Reflected Cross-Site Scripting (Google Search) http://www.securityfocus.com/archive/1/516563/100/0/threaded http://secunia.com/advisories/43430 http://securityreason.com/securityalert/8100 XForce ISS Database: sametime-stcenter-xss(65555) https://exchange.xforce.ibmcloud.com/vulnerabilities/65555
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.