Vulnerabilities > IBM > Lotus Sametime > 8.0.1

DATE CVE VULNERABILITY TITLE RISK
2013-05-02 CVE-2013-0535 Cross-Site Scripting vulnerability in IBM Classic Meeting Server and Lotus Sametime
Multiple cross-site scripting (XSS) vulnerabilities in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
3.5
3.5
2011-10-29 CVE-2011-1370 Configuration vulnerability in IBM Lotus Sametime
The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message.
network
low complexity
ibm CWE-16
5.0
5.0
2011-03-01 CVE-2011-1106 Cross-Site Scripting vulnerability in IBM Lotus Sametime 8.0/8.0.1
Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.
network
ibm CWE-79
4.3
4.3
2011-02-22 CVE-2011-1038 Cross-Site Scripting vulnerability in IBM Lotus Sametime 8.0.1
Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO.
network
ibm CWE-79
4.3
4.3
2010-09-15 CVE-2010-3398 Unspecified vulnerability in IBM Lotus Sametime Connect Web Container
Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W.
network
low complexity
ibm
critical
 10.0
10