SN-13-01: IBM iNotes 9
Active Content Filtering Bypass


Secure Network releases the security advisory SN-13-01 for a new vulnerability found in IBM iNotes 9.

SN-13-01: IBM iNotes is prone to Active Content Filtering (ACF) Bypass, which results in Stored Cross-Site Scripting. The vulnerability could be further employed to realize Session Hijacking attacks or to create a persistent access to the victim mailbox adding a forwarding rule to an attacker controlled email address by means of Cross-Site Request Forgery.