IBM fixed a cross-site scripting vulnerability in its Worklight and MobileFirst products that could have let an attacker steal sensitive information.
Source: Threadpost