This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
According to its self-reported version, the version of IVE OS running
on the remote host has the following cross-site scripting
- An unspecified cross-site scripting issue exists related
to login pages.
- A cross-site scripting vulnerability exists in the
WWHSearchWordsText parameter of the help page.
An attacker could exploit either of these issues by tricking a user into
requesting a malicious URL, resulting in arbitrary script code
See also :
Upgrade to Juniper IVE OS version 7.1r13 / 7.2r7 / 7.3r2 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true