|
|
CVE Reference: CVE-2004-1621 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-1621 |
|
|
Description: ** DISPUTED ** NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of (1) computed for display, (2) computed when composed, or (3) computed text element fields. NOTE: the vendor has disputed this issue, saying that it is not a problem with Notes/Domino itself, but with the applications that do not properly handle this feature. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/17758 ST 1011779 SAID Secunia Advisory: SA12891 MISC http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21187833 CERT-VN 404382 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=109841682529328&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=109812960023736&w=2 BID 11458 |
|
| Return to the previous page. |
