IBM Security Bulletin: IBM API Management is vulnerable to (CVE-2014-8917)

The dojox/form/resources/fileuploader.swf, dojox/form/resources/uploader.swf, dojox/av/resources/audio.swf and dojox/av/resources/video.swf files exhibit an XSS vulnerability. IBM API Management uses the IBM Dojo Toolkit and is subject to XSS. ...

from IBM Product Security Incident Response Team http://ift.tt/1IBQrQg