The administrative web interface in NetIQ iManager, versions before 3.1, are vulnerable to reflected cross site scripting.
netiq imanager