An attacker can bypass native Lotus Notes HTML encoding in a computed value by adding square brackets to the beginning and end of a field of the following types computed, computed for display, computed when composed or a computed text element, Injecting HTML and JavaScript as desired.
9a7f30ad0770b3d630b3e6ee62d6e44a413988b48b90cf3a0cff46fcc0ad1239