- A security researcher contacted IBM to report four security vulnerabilities in the IBM Lotus Domino HTTP server that permit cross site scripting. These vulnerabilities could allow remote attackers to steal cookie-based authentication credentials. While fixes for all four are planned for inclusion in Domino 8.5.4, workarounds exist for two in Domino servers 7.0 and later by enabling a single INI setting. As of 15 August 2012, IBM has not received any reports of customer issues related to these security vulnerabilities.
- Upgrade to Lotus Domino version 8.5.4.
- WordPress Plugin Haiku minimalist audio player Cross-Site Scripting (1.0.0)
- Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.12)
- WordPress Plugin Bad Behavior Multiple Vulnerabilities (2.2.18)
- WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.9)
- WordPress Plugin All in One SEO Pack Cross-Site Scripting (2.2.2)