newsbot
19-02-2008, 08:31 PM
IBM Lotus QuickPlace (http://www.ibm.com/software/lotus/products/quickplace/) is "a business-ready, self-service work space expressly designed for team collaboration". A vulnerability in the way IBM Lotus QuickPlace handles incoming searches allows attackers to cause it to insert arbitrary HTML and/or JavaScript.
http://www.securiteam.com/securitynews/5AP0B2KNFM.html
http://www.securiteam.com/securitynews/5AP0B2KNFM.html