|
Family: CGI abuses --> Category: infos
Bugzilla XSS and insecure temporary filenames Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of bugzilla
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote host contains a CGI which is vulnerable to a cross site scripting
and file deletion vulnerability
Description :
The remote Bugzilla bug tracking system, according to its version number, is
vulnerable to various flaws that may let a possible hacker perform cross site
scripting attacks or even delete local file files (provided he has an account
on the remote host).
Solution :
Upgrade to 2.16.3 or 2.17.4
Threat Level:
Low / CVSS Base Score : 3
(AV:R/AC:L/Au:R/C:N/A:N/I:C/B:I)
Click HERE for more information and discussions on this network vulnerability scan.
|