Andy Yang

**Name of the Vulnerable Software and Affected Versions** Microsoft Systems Management Server version 2003 SP3 System Center Configuration Manager version 2007 SP2 **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This is referred to as a "Reflected XSS" issue. **Recommendations** For Microsoft Systems Management Server 2003 SP3, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For System Center Configuration Manager 2007 SP2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.