IBM.Lotus.Protector.XSS
Description
This indicates an attack attempt to exploit a Cross-Site Scripting vulnerability in IBM Lotus Protector.
The vulnerability is a result of the application's failure to properly sanitize user input before using it. It allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality, potentially leading to credential disclosure within a trusted session.
Affected Products
Lotus Protector for Mail Security v2.8.0.0 to 2.8.1.0
Impact
System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |