CVE-2013-2504 Information

Description

Cross-site scripting (XSS) vulnerability in SPS/Portal/default.aspx in Service Desk in Matrix42 Service Store 5.3 SP3 (aka 5.33.946.0) allows remote attackers to inject arbitrary web script or HTML via the query string.

Reference

http://archives.neohapsis.com/archives/bugtraq/2013-04/0196.html http://seclists.org/fulldisclosure/2013/Apr/153