This script is Copyright (C) 2007-2017 Tenable Network Security, Inc.
The remote Windows host has an application that is affected by a
cross-site scripting vulnerability.
The remote host is running Computer Associates' Host-Based Intrusion
Prevention System (CA HIPS) Server, an intrusion prevention system for
The version of CA HIPS Server installed on the remote Windows server
is reportedly affected by a cross-site scripting issue because it
fails to sanitize log data before displaying it. An attacker may be
able to leverage this issue to inject arbitrary HTML or script code
into the browser of an administrative user to be executed within the
security context of the affected service.
See also :
Upgrade to CA HIPS version 18.104.22.168 by applying the patch referenced
in the vendor advisory above.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true