Ewerson Guimarães

**Name of the Vulnerable Software and Affected Versions** IBM Tivoli Monitoring (ITM) versions 6.2.0 through 6.2.3 before FP3 IBM Application Manager for Smart Business version 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, which can lead to cross-site scripting (XSS) attacks. This can potentially affect a large number of devices worldwide, although the exact number is not specified. **Recommendations** For IBM Tivoli Monitoring (ITM) versions 6.2.0 through 6.2.3 before FP3, update to a version that includes FP3 or later to resolve the issue. For IBM Application Manager for Smart Business version 1.2.1, update to version 1.2.1.0-TIV-IAMSB-FP0004 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** IBM Tivoli Monitoring (ITM) versions 6.2.0 through 6.2.3 before FP3 IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) version 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 **Description** The issue allows remote attackers to cause a denial of service via a crafted URL. **Recommendations** For IBM Tivoli Monitoring (ITM) versions 6.2.0 through 6.2.3 before FP3, update to a version that includes FP3 or later. For IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) version 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004, update to version 1.2.1.0-TIV-IAMSB-FP0004 or later.