CVE-2008-0694
Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header.
Date published : 2008-02-11
http://www-1.ibm.com/support/docview.wss?uid=nas22f5a0f082f6821c4862573e10041f7bd