This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.
The remote web server contains HTML documents that are affected by a
cross-site scripting vulnerability.
The remote host contains one or more HTML documents associated with
Adobe Flex 3's History Management Feature and affected by a DOM-based
cross-site scripting vulnerability. Due to its failure to sanitize
user input, an attacker may be able to leverage this issue to inject
arbitrary HTML and script code into a user's browser to be executed
within the security context of the affected site, possibly by using
See also :
Replace the affected file(s) with an instance of 'historyFrame.html'
from the Flex 3.0.2 update as discussed in the vendor advisory above.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true