Family: CGI abuses : XSS --> Category: infos
Chora common-footer.inc Cross-Site Scripting Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for cross-site scripting vulnerability in Chora common-footer.inc
Detailed Explanation for this Vulnerability Test
The remote web server is vulnerable to a cross-site scripting
According to its version, the remote installation of Chora fails to
fully sanitize user-supplied input when setting the parent frame's
leveraging this flaw, a possible hacker may be able to inject arbitrary HTML
and script code into a user's browser to be executed in the context of
the affected web site, thereby resulting in the theft of session
cookies and similar attacks.
Upgrade to Chora 1.2.3 or later.
Low / CVSS Base Score : 3
Click HERE for more information and discussions on this network vulnerability scan.