IBM Security Bulletin: IBM Connections - Persistent Cross-Site Scripting (XSS) Vulnerability in IBM Connections Mail plug-in (CVE-2015-1917)

IBM Connections Mail plug-in for Connections 4.0, 4.5 and 5.0 is vulnerable to a cross-site scripting vulnerability in the Active Content Filter used to filter EMail message content loaded from Microsoft Exchange. CVE(s):  ...

from IBM Product Security Incident Response Team http://ift.tt/1FfQr2s