The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to share crafted links via the Library function. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of chat messages, or compose anonymous chat messages, by leveraging. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of shared links by leveraging meeting-attendance privileges. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read session variables by leveraging a weak. Rated low severity (CVSS 2.9). No vendor patch available.