<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Book Antiqua";
panose-1:2 4 6 2 5 3 5 3 3 4;}
@font-face
{font-family:Webdings;
panose-1:5 3 1 2 1 5 9 6 7 3;}
@font-face
{font-family:"sans serif";}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:Arial;
color:windowtext;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:Arial;
color:navy;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Dear Team,<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color="#555555" face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:#555555'>In one of the website it
is mentioned that OpenCms is vulnerable to cross-site scripting, caused by
improper validation of user-supplied input by the users_list.jsp script.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Pls confirm whether opencms has released any patch for this
vulnerability.<font color=navy><span style='color:navy'><o:p></o:p></span></font></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<div>
<p class=MsoNormal><strong><b><font size=2 color="#0000a0" face="Book Antiqua"><span
style='font-size:10.0pt;font-family:"Book Antiqua";color:#0000A0'>Thanks and
regards,</span></font></b></strong><b><font size=2 color="#0000a0"
face="Book Antiqua"><span style='font-size:10.0pt;font-family:"Book Antiqua";
color:#0000A0;font-weight:bold'><br>
<strong><b><font face="Book Antiqua"><span style='font-family:"Book Antiqua"'>Asha
Hegde</span></font></b></strong><br>
<strong><b><font face="Book Antiqua"><span style='font-family:"Book Antiqua"'>Project
Lead</span></font></b></strong><br>
<strong><b><font face="Book Antiqua"><span style='font-family:"Book Antiqua"'>TATA
- AIG (ROS) </span></font></b></strong></span></font></b><b><font size=2
color="#0000a0"><span style='font-size:10.0pt;color:#0000A0;font-weight:bold'><br>
</span></font></b><font size=2 color=navy face=Webdings><span style='font-size:
10.0pt;font-family:Webdings;color:navy'>É<FONT FACE="Courier New"></FONT> </span></font><strong><b><font
size=2 color="#0000a0" face="sans serif"><span style='font-size:10.0pt;
font-family:"sans serif";color:#0000A0'>6142 3659</span></font></b></strong><o:p></o:p></p>
</div>
</div>
<DIV>
IMPORTANT NOTICE: <BR>
The information in this email (and any attachments) is confidential. If you are not the intended recipient, you must not use or disseminate the information. If you have received this email in error, please immediately notify me by "Reply" command and permanently delete the original and any copies or printouts thereof. Although this email and any attachments are believed to be free of any virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by American International Group, Inc. or its subsidiaries or affiliates either jointly or severally, for any loss or damage arising in any way from its use.<BR>
</DIV></body>
</html>