Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php in F5 BIG-IP Application Security Manager (ASM) 9.4.3 allows remote attackers to inject arbitrary web script or HTML via the report_type parameter.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0539)