The host is installed with IBM Tivoli Endpoint Manager (TEM) 8.0 before 8.2.1372 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to properly sanitize user-supplied input. Successful exploitation allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.