CVE-2014-0940

Name of the Vulnerable Software and Affected Versions IBM Tivoli Service Automation Manager version 7.2.2.2

Description The issue involves multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML. This can be achieved through vectors involving the REST API or the Self Service UI.

Recommendations For IBM Tivoli Service Automation Manager version 7.2.2.2, apply the fix 7.2.2.2-TIV-TSAM-LA0041 to resolve the issue.