Secunia contacted IBM Lotus to report several potential cross-site scripting vulnerabilities in Lotus iNotes ultra-light mode.
Link to Secunia advisory
http://secunia.com/advisories/38026/
To exploit these vulnerabilities the following would have to happen :
(1) A user’s mail file must be using a design which includes the iNotes ultra-light mode design (first introduced in version 8.0.2)
(2) An attacker would have to create and send a malicious URL to the user
(3) The iNotes ultra-light mode enabled user would need to be enticed to click on the malicious URL
Note: iNotes users do not have to be using ultra-light mode to be vulnerable; ultra-light mode just has to be enabled for their server and mail file.
Three potential scenarios have been identified where HTML or script code could be inserted into the following areas:
(1) Ultra-light mode “Edit Contact” scene
(2) Unsupported browser page
(3) Status alerts in ultra-light mode
See the TN1417063 for mor details
