Potential Cross Site Scripting (XSS) vulnerability in IBM Lotus Sametime Server

As Carl, Chris and I am sure others have pointed out, there was a Technote released regarding a potential vulberability in Sametime 7.5.1 Server. This is not fixed in CF1, rather it requires contacting IBM for a hotifx. The hotfix is an updated stconf template, the installation procedure is: 1. Stop the Domino Server 2. Backup the old stconf751.ntf 3. Copy the new stconf751.ntf into the Domino Data directory, and replace the design of stconf.nsf 4. Restart Domino

Sorry, comments are closed for this post.