|
Family: CGI abuses : XSS --> Category: infos
Claroline XSS Vulnerability Scan
Vulnerability Scan Summary Checks if Claroline is vulnerable to a XSS attack
Detailed Explanation for this Vulnerability Test
The remote host is running Claroline, a web-based collaboration tool
written in PHP.
The remote version of this software is vulnerable to several cross
site scripting attacks in the file 'add_course.php'.
With a specially crafted URL, a possible hacker may use the remote to
perform a cross site scripting attack against a user.
Solution : Upgrade to the latest version of this software
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|