Re: IBM Lotus 6.x names.nsf Cross Site Scripting Vulnerability

From: security curmudgeon <jericho@attrition.org>
To: lament@ilhack.org
Cc: bugtraq@securityfocus.com
Subject: Re: IBM Lotus 6.x names.nsf Cross Site Scripting Vulnerability
Date:



Seriously?

This was reported in Jul 2001 by Hiromitsu Takagi, and assigned 
CVE-2001-1161.

http://seclists.org/bugtraq/2001/Jul/22

Would you please:

a) check to see if a vulnerability has been published
b) test current software
c) include the full name of the product you are testing

"IBM Lotus 6.x", presumably IBM Lotus Domino is currently around version 
8.5 or so, per the link you provided:

: http://www-01.ibm.com/software/lotus/





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.