HP ArcSight Logger < 6.1 Management Center XSS
Medium Nessus Plugin ID 86419
SynopsisThe remote host has an application installed that is affected by a reflected cross-site scripting vulnerability.
DescriptionThe remote host has a version of HP ArcSight logger installed that is prior to 6.1. It is, therefore, affected by a reflected cross-site scripting vulnerability in the Management Center due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session.
SolutionUpgrade to HP ArcSight Logger version 6.1 or later.