IBM FileNet Content Manager is a flexible and full-featured content management solution. A cross-site scripting vulnerability exists in the IBM FileNet Content Manager Web UI, which can be exploited by remote attackers to inject malicious script or HTML code that can be used to obtain sensitive information or hijack a user session when malicious data is viewed.