This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote Windows host has an application that is affected by a
cross-site scripting vulnerability.
The version of RoboHelp on the remote host contains a cross-site
scripting vulnerability in its WordHelp output. An attacker may be
able to leverage this issue to execute arbitrary script code in the
browser in the context of the affected site and to steal cookie-based
Note that this plugin checks for a version of RoboHelp that would
generate WordHelp projects with a cross-site scripting vulnerability
rather than published projects with the vulnerability.
See also :
Apply the patch referenced in the vendor advisory above. Once the
patch is applied, all WordHelp files need to be regenerated.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true