HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions.
https://exchange.xforce.ibmcloud.com/vulnerabilities/16247
http://www.securityfocus.com/bid/10414