IBM Lotus recognized the potential for a cross-site scripting vulnerability to exist under certain circumstances. No customers are known to have been affected by this vulnerability in a production environment.
This issue was reported to IBM Lotus software Quality Engineering and has been addressed in Domino 6.0.4 and 6.5.2. For earlier releases, this issue can be prevented by creating a full text index for databases that allow public access.
This issue does not affect Domino 5.x servers.