Daniel Frye

**Name of the Vulnerable Software and Affected Versions** HP Business Availability Center (BAC) versions 7.x through 7.55 HP Business Availability Center (BAC) versions 8.x through 8.05 HP Business Service Management (BSM) versions prior to 9.01 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This could potentially lead to unauthorized access or control of user sessions. **Recommendations** For HP Business Availability Center (BAC) versions 7.x through 7.55, update to a version later than 7.55. For HP Business Availability Center (BAC) versions 8.x through 8.05, update to a version later than 8.05. For HP Business Service Management (BSM) versions prior to 9.01, update to version 9.01 or later.