Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/67913
http://www.securitytracker.com/id?1025611
http://www.securityfocus.com/bid/48168
http://securityreason.com/securityalert/8273