When you have multiple domains configured on your LoadMaster, clients are required to enter their credentials in the format "domain\user" or "user@domain".
In this type of scenario, it makes sense to have a greeting message notifying clients of this requirement, for example:
Welcome to webmail.kemp.com, please enter your credentials in the format (domain\user or user@domain).
The issue that arises here is that the backslash (\) in this message trips the LoadMaster's XSS protection, so the greeting is treated as an XSS attack and an entry is written to the security log even though the text is the administrator's own greeting. This log message can be seen in System Configuration > Logging Options > Extended Log Files > ESP Security Log.
To resolve this, escape the backslash in the greeting message with an additional backslash (\), so that domain\user is entered as domain\\user.
To configure a greeting message, follow the steps below in the LoadMaster Web User Interface (WUI):
- Go to Virtual Services > View/Modify Services.
- Click Modify on the relevant Virtual Service.
- Expand the ESP Options section.
- Ensure ESP is enabled.
- Ensure the Client Authentication Mode is set to Form Based.
- Enter the SSO Greeting Message, for example Welcome to webmail.kemp.com, please enter your credentials in the format (domain\\user or user@domain).
- Click Set SSO Greeting Message.
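As an added illustration of the escaping rule (this is example code, not part of the article and not Kemp's own tooling), the helper below takes the greeting text exactly as clients should see it, produces the value to paste into the SSO Greeting Message field, and checks that the pasted value contains no lone backslash. The assumption, taken from the article, is that a single backslash is what triggers the XSS log entry and that a doubled backslash is displayed as one; the sample greeting is the article's example.

```python
"""Escape backslashes in a LoadMaster SSO greeting message.

Example code written for this article; the names escape_greeting,
unescape_greeting and has_lone_backslash are this example's own.
Assumption (from the article): a lone "\" in the greeting trips the
ESP XSS check, and "\\" is displayed to the client as a single "\".
"""

# The greeting as it should be shown to clients (the article's example).
GREETING = (
    r"Welcome to webmail.kemp.com, please enter your credentials "
    r"in the format (domain\user or user@domain)."
)


def has_lone_backslash(text: str) -> bool:
    """Return True if text contains a backslash that is not part of a '\\\\' pair.

    A pair is consumed as a unit, so 'a\\\\\\b' (three backslashes) still
    reports a lone backslash, while 'a\\\\b' (two) does not.
    """
    i = 0
    while i < len(text):
        if text[i] == "\\":
            if i + 1 < len(text) and text[i + 1] == "\\":
                i += 2  # escaped pair, skip both characters
                continue
            return True  # a single backslash with no partner
        i += 1
    return False


def escape_greeting(display_text: str) -> str:
    """Produce the value to enter in the SSO Greeting Message field.

    Every backslash the client should see is doubled, so the WUI field
    holds '\\\\' wherever the displayed greeting should show '\\'.
    """
    return display_text.replace("\\", "\\\\")


def unescape_greeting(field_value: str) -> str:
    """Reverse escape_greeting: what the client will see for a given field value."""
    return field_value.replace("\\\\", "\\")


def field_value_for(display_text: str) -> str:
    """Escape the greeting and verify the result is safe to paste.

    Raises ValueError if a lone backslash survives, which would still
    trigger the XSS log entry described in the article.
    """
    value = escape_greeting(display_text)
    if has_lone_backslash(value):
        raise ValueError("escaped greeting still contains a lone backslash")
    return value


if __name__ == "__main__":
    print("Original greeting   :", GREETING)
    print("Lone backslash?     :", has_lone_backslash(GREETING))
    field = field_value_for(GREETING)
    print("Value for WUI field :", field)
    print("Clients will see    :", unescape_greeting(field))
```

Run it and paste the "Value for WUI field" line into the SSO Greeting Message field at the step above; the round trip through unescape_greeting shows what clients are expected to see once the doubled backslash is rendered as one.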