The Meeting Server in IBM Sametime 8.5.2 up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 does not validate URLs in Cookie headers before using them in redirects, which has unspecified impact and remote attack vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm sametime 9.0.0.0 |
||
ibm sametime 9.0.0.1 |
||
ibm sametime 8.5.2.0 |
||
ibm sametime 8.5.2.1 |