Re: IBM Lotus 6.x names.nsf Cross Site Scripting Vulnerability

[security curmudgeon <jericho () attrition org>]

Seriously?

This was reported in Jul 2001 by Hiromitsu Takagi, and assigned 
CVE-2001-1161.

http://seclists.org/bugtraq/2001/Jul/22

Would you please:

a) check to see if a vulnerability has been published
b) test current software
c) include the full name of the product you are testing

"IBM Lotus 6.x", presumably IBM Lotus Domino is currently around version 
8.5 or so, per the link you provided:

: http://www-01.ibm.com/software/lotus/