PT-2008-1987 · IBM · IBM Lotus Sametime
Published: 2008-01-18 · Updated: 2017-08-08 · CVE-2008-0354
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
IBM Lotus Sametime versions 7.5 through 7.5.1
Description
The chat client contains a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via a crafted message. The injected code executes after a mouseover event initiated by the victim.
Recommendations
For IBM Lotus Sametime versions 7.5 through 7.5.1, consider disabling the chat client functionality until a patch is available, to prevent exploitation of the XSS vulnerability. Restrict access to the chat client to minimize the risk of code injection. Avoid using the chat client for sensitive communications until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Affected products
IBM Lotus Sametime