IBM Spectrum Copy Data Management is an implementation of International Business Machines Corporation (IBM) to modernize, simplify, and automate data center copy management processes.A cross-site scripting vulnerability exists in IBM Spectrum Copy Data Management versions 2.2.0.0 (inclusive) through 2.2.14.3 (inclusive), which stems from the program’s lack of data validation filtering of user-provided data and output. An attacker could exploit the vulnerability to allow a user to embed arbitrary JavaScript code in the Web UI, which could alter the intended functionality and potentially lead to credential leakage in trusted sessions.