IBM Sterling Partner Engagement Manager is an automated management tool from International Business Machines (IBM). A cross-site scripting vulnerability exists in IBM Sterling Partner Engagement Manager that stems from the presence of a cross-site scripting (XSS) vulnerability. An attacker can exploit this vulnerability to embed arbitrary JavaScript code in the Web UI.