Adobe RoboHelp FlashHelp Unspecified XSS (APSB11-09) (uncredentialed check)
Medium Nessus Plugin ID 54603
SynopsisThe remote Windows host has an application that is affected by a cross-site scripting vulnerability.
DescriptionThe published RoboHelp project on the remote host contains a cross-site scripting vulnerability in its wf_status.htm and wf_topicfs files. An attacker may be able to leverage this issue to execute arbitrary script code in the browser of an authenticated user in the context of the affected site and to steal cookie-based authentication credentials.
SolutionApply the patch referenced in the vendor advisory above.