IBM Content Navigator is a Web client from International Business Machines (IBM). The product supports searching and processing documents stored in content servers from a Web browser. IBM Content Navigator suffers from a cross-site scripting vulnerability that stems from the application’s lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload.