|
|
Family: CGI abuses : XSS --> Category: infos
Apache Jakarta Cross-Site Scripting Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks XSS in Apache Jakarta Lucene.
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Apache Jakarta Lucene software is vulnerable to a cross site
scripting issue.
Description :
The remote host is using Apache Jakarta Lucene, a full-featured text
search engine library implemented in Java.
There is a cross site scripting vulnerability in the script 'results.jsp'
which may allow a possible hacker to steal the cookies of legitimate users on
the remote host.
Solution :
Upgrade to Apache Software Foundation Jakarta Lucene 1.4.3
Threat Level:
Low / CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|
