Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05, and Business Service Management (BSM) through 9.01, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/64846
http://www.vupen.com/english/advisories/2011/0188
http://www.securityfocus.com/bid/45944
http://securitytracker.com/id?1024986
http://secunia.com/advisories/43018