Lotus Domino R5 Servers are vulnerable to a cross-site scripting
vulnerability. A web site may inadvertently include malicious HTML tags or
based on unvalidated input from untrustworthy sources. This can be a
problem when a web server does not adequately ensure that generated
pages are properly encoded to prevent unintended execution of scripts,
and when input is not validated to prevent malicious HTML from being
presented to the user.
By specifying a URL such as:
A popup will appear on the browser.