IBM Security Bulletin: Multiple Vulnerabilities in IBM Connections Mail plug-in (CVE-2014-5191, CVE-2014-8917)

IBM Connections Mail plug-in for Connections 4.0, 4.5 and 5.0 is vulnerable to a cross-site scripting vulnerability in the IBM Dojo Tookit and another cross-site scripting vulnerability in the CKEditor. Refer to the links below for fix downloads. ...

from IBM Product Security Incident Response Team http://ift.tt/1R8y8mQ