This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote web application has a cross-site scripting vulnerability.
The version of Webslinger (included with Apache OFBiz) hosted on the
remote host has a cross-site scripting vulnerability. A remote
attacker could exploit this by tricking a user into requesting a
specially crafted URL, resulting in arbitrary script code execution.
This version of OFBiz reportedly has other vulnerabilities, though
Nessus has not tested for those issues.
See also :
Upgrade to Apache OFBiz 10.04.02 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true