===================================================================== CERT-Renater Note d'Information No. 2013/VULN016 _____________________________________________________________________ DATE : 10/01/2013 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S) :Systems running Dell OpenManage Server Administrator version 7.1.0.1. ====================================================================== http://www.kb.cert.org/vuls/id/950172 ______________________________________________________________________ Vulnerability Note VU#950172 Dell OpenManage Server Administrator version 7.1.0.1 DOM-based XSS vulnerability Original Release date: 09 janv. 2013 | Last revised: 09 janv. 2013 Overview Dell OpenManage Server Administrator version 7.1.0.1 and earlier contains a DOM-based cross-site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Dell OpenManage Server Administrator version 7.1.01 and earlier contains a DOM-based cross-site scripting vulnerability. Example: https://www.example.com:1311/help/sm/en/Output/wwhelp/wwhimpl/js/html/index_main.htm?topic=">