Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 allows remote attackers to inject arbitrary web script or HTML via the PanelIcon parameter in an fmpgPanelHeader ReadForm action to WebAdmin.nsf.Referenceshttp://www.securityfocus.com/bid/49701http://www.research.reversingcode.com/index.php/advisories/73-ibm-ssd-1012211
