Hello 3APA3A!
I want to warn you about HTTP Response Splitting and Cross-Site Scripting vulnerabilities in IBM Lotus Domino. At 15th of August IBM released the advisory concerning these Cross-Site Scripting vulnerabilities.
CVE ID: CVE-2012-3301.
Vulnerable are IBM Lotus Domino 8.5.3 and previous versions. These vulnerabilities will be fixed in Domino 8.5.4 and IBM are still working on other vulnerabilities, about which I've informed them.
For fixes, workarounds and mitigations reference to IBM Security Bulletin:
http://www-01.ibm.com/support/docview.wss?uid=swg21608160
HTTP Response Splitting (WASC-25):
http://site/servlet/%0AHeader:value%0A1
Cross-Site Scripting (WASC-08):
Will work in different browsers (in case of Mozilla Firefox will work in versions before Firefox 3.0.9):
Will work in all versions of Firefox, but without access to cookies:
Also there can be used Location header for XSS attack (for which there are its own nuances of work in different browsers).
Cross-Site Scripting (WASC-08):
The attack is possible via data: and vbscript: URI.
In x.nsf, "x" means username of logged in user.
Full timeline read in the first advisory (http://securityvulns.ru/docs28474.html).
Best wishes & regards,
Eugene Dokukin aka MustLive
Administrator of Websecurity web site
http://websecurity.com.ua