Multiple cross-site scripting (XSS) vulnerabilities in the Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/40545
http://www.securityfocus.com/bid/27800
http://www.securityfocus.com/archive/1/488204/100/0/threaded
http://www.securityfocus.com/archive/1/488143/100/100/threaded
http://securityreason.com/securityalert/3690
http://secunia.com/advisories/28963
http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060315.html