In late August 2013, we reported a persistent Cross Site Scripting issue in IBM Maximo Asset Management.
IBM have now published an advisory and update information to remedy this vulnerability.
More information on affected versions and patching is available here: http://www-01.ibm.com/support/docview.wss?uid=swg21660032 and the CVE information can be found here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5402.
