Computer Security
[EN] no-pyccku

IBM Lotus Notes Traveler security vulnerabilities
SecurityVulns ID:12659
Threat Level:
Description:Crossite scripting, crossite request forgery, URL redirection.
Affected:IBM : Lotus Notes Traveler 8.5
CVE:CVE-2012-4825 (Multiple cross-site scripting (XSS) vulnerabilities in servlet/traveler/ILNT.mobileconfig in IBM Lotus Notes Traveler before allow remote attackers to inject arbitrary web script or HTML via the (1) userId or (2) address parameter in a getClientConfigFile action.)
 CVE-2012-4824 (Open redirect vulnerability in servlet/traveler in IBM Lotus Notes Traveler 8.5.3 before Interim Fix 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirectURL parameter.)
Original documentdocumentMustLive, BF, XSS, CSRF and Redirector vulnerabilities in IBM Lotus Notes Traveler (22.10.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod