CVE-2010-2277

Name of the Vulnerable Software and Affected Versions IBM Lotus Connections versions 2.5.x before 2.5.0.2

Description The issue allows remote attackers to inject arbitrary web script or HTML via various components, including the create or edit form in the Communities component, the verbiage field in the Bookmarks component, or unspecified vectors related to the Mobile Blogs component.

Recommendations For IBM Lotus Connections versions 2.5.x before 2.5.0.2, update to version 2.5.0.2 or later to resolve the issue.