A few days later, IBM responded by confirming that the problem affects the standard configuration of IBM Lotus Notes 8.x. The company said that a patch is available, but you have to submit a Service Request to IBM Support in order to get it. The flaw has reportedly been remedied in version 8.5.1, which the Notes/Domino Fix List says users can expect in October.
- IBM Lotus Notes 8.5 RSS Widget extended rights, Description by scip AG (in German).
- Response to 'IBM Lotus Notes 8.5 RSS Widget Privilege Escalation', Response from IBM.