CVE-2009-1334
IBM Tivoli CDP for Files 3.1.4.0 has a cross-site scripting (XSS) vulnerability in the login/FilepathLogin.html page, exploitable via the reason parameter. This could allow remote attackers to inject arbitrary web script or HTML. The PT-2009-3866 entry confirms the affected version and suggests a...