Multiple Cross-Site Scripting Vulnerabilities Detected

Document ID : KB000008975
Last Modified Date : 17/08/2018
Show Technical Document Details
Issue:

After running a vulnerability scan, the Multiple Cross-Site Scripting Vulnerability were detected with some Virtual Services Models (VSM).

Environment:
DevTest 10.1.0 on all supported platforms.
Cause:

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.

 

Resolution:

We have a fix for this.

Open a new support ticket, provide the ports that were reported as vulnerable and mention DE333671 in the ticket description.

If you facing this issue with DevTest Enterprise Dashboard on release 9.1 or 9.0. Please, consider upgrading DevTest Enterprise Dashboard to release 10.x.