Zoho ManageEngine Support Center Plus Multiple Fields XSS Vulnerabilities

Summary
This host is running Zoho ManageEngine Support Center Plus and is prone to multiple cross site scripting vulnerabilities.
Impact
Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site. Impact Level: Application
Solution
Upgrade to ManageEngine Support Center Plus 7.9 Upgrade Pack 7908 or later For updates refer to http://www.manageengine.com/products/support-center/
Insight
The flaws are due to inputs passed to the 'Name' and 'E-mail' parameters via 'sd/Request.sd' script is not properly sanitised before being returned to the user.
Affected
ManageEngine Support Center Plus 7.9 Upgrade Pack 7903 and prior
References