The release of Tomcat as included with CA Service Desk r11.2 is potentially susceptible to a cross-site scripting vulnerability. CA has issued a technical document that describes remediation procedures.
d707e5a41acfb37cf9412d440b94a1a0a483c37fdfd80518eae28728bf326b60