IBM Aspera is an IBM FASP protocol-based fast file transfer and streaming solution from International Business Machines (IBM). IBM Aspera Faspex version 4.4.1 contains a cross-site scripting vulnerability, which stems from a cross-site scripting vulnerability that could be exploited by an attacker to embed arbitrary JavaScript code in the Web UI which could lead to credential disclosure in trusted sessions.