Adobe RoboHelp FlashHelp Unspecified XSS (APSB11-09) (uncredentialed check)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.

Synopsis :

The remote Windows host has an application that is affected by a
cross-site scripting vulnerability.

Description :

The published RoboHelp project on the remote host contains a
cross-site scripting vulnerability in its wf_status.htm and wf_topicfs
files. An attacker may be able to leverage this issue to execute
arbitrary script code in the browser of an authenticated user in the
context of the affected site and to steal cookie-based authentication

See also :

Solution :

Apply the patch referenced in the vendor advisory above.

Risk factor :

Medium / CVSS Base Score : 5.8
CVSS Temporal Score : 4.8
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 54603 ()

Bugtraq ID: 47839

CVE ID: CVE-2011-0613

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now