Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mercredi 23 novembre 2011

IBM Lotus Mobile Connect - Cross Site Scripting Vulnerability 9 (CERT-EU Security Advisory 2011-0020)

IBM Lotus Mobile Connect is prone to a cross-site scripting vulnerability. Fixes are available. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Lien vers l'article source

Auteur: Cert EU

Catégories: CertEUNombre de vues: 221


Événements SSI