Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll.
https://exchange.xforce.ibmcloud.com/vulnerabilities/14977
http://www.securitytracker.com/id?1008880
http://www.brswebweaver.com/modules.php?op=modload&name=News&file=article&sid=1