The remote host has an application that is affected by multiple vulnerabilities.
The remote host has a version of Novell ZENworks Configuration Management installed prior to 11.2.3a Monthly Update 1. It is, therefore, affected by the following vulnerabilities: - An open redirect vulnerability exists on the ZENworks Control Center login page due to improper validation of the 'fwdToURL' parameter. (CVE-2013-1093) - The ZENworks Control Center Login.jsp script is affected by a cross-site scripting vulnerability that exists due to improper validation on the 'language' parameter. (CVE-2013-1094) - A cross-site scripting vulnerability exists due to improper validation of input when handling 'onError' events. (CVE-2013-1095) - A cross-site scripting vulnerability exists due to improper validation of input when handling frame tag 'onload' events. (CVE-2013-1097)
Upgrade to Novell ZENworks 11.2.3a Monthly Update 1 or later.