Intrusion Prevention



This indicates an attack attempt to exploit a Cross-Site Scripting vulnerability in IBM Lotus Protector.
The vulnerability is a result of the application's failure to properly sanitize user input before using it. It allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality, potentially leading to credential disclosure within a trusted session.

Affected Products

Lotus Protector for Mail Security v2.8.0.0 to


System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser

Recommended Actions

Apply the most recent upgrade or patch from the vendor.

CVE References