This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote web server hosts a script that is affected by a cross-site
The remote web server hosts a version of the ZENworks Configuration
Console that is affected by a cross-site scripting vulnerability. The
'language' parameter is not properly validated in 'Login.jsp' and can be
tampered with to inject arbitrary script code in a user's browser via a
specially crafted POST request.
Note that hosts that are affected by this issue are also likely to be
affected by other vulnerabilities.
See also :
Upgrade to 11.2.3a Monthly Update 1 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true