Hi
I submitted a report detailing 5 Cross Site Scripting ( XSS ) vulnerabilities in Lotus iNotes 8.5 about 5 weeks ago, and have not yet received a response from the security team at IBM.
I was wondering whether anyone here regularly submits security concerns to Lotus, and how long it takes for them to acknowledge such reports, or issue fixes.
Can anyone offer advice on how I can speed this process up, or obtain a fix from Lotus before someone does any damage?
Since this is an application layer security issue, it will affect all platforms for the 8,5 release.
Matt