Vulnerabilities > IBM > Tivoli Service Automation Manager > 7.2.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-07 | CVE-2014-0940 | Cross-Site Scripting vulnerability in IBM Tivoli Service Automation Manager 7.2.2.2 Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Service Automation Manager 7.2.2.2 before 7.2.2.2-TIV-TSAM-LA0041 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) REST API or (2) Self Service UI. | 4.3 |