|
Family: Web Servers --> Category: infos
Cross-Site Scripting in Cherokee Error Pages Vulnerability Scan
Vulnerability Scan Summary Checks for the version of Cherokee
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is vulnerable to a cross-site scripting issue.
Description :
The remote host is running Cherokee - a fast and tiny web server.
Due to a lack of sanitization from the user input,
The remote version of this software is vulnerable to cross-site
scripting attacks due to lack of sanitization in returned error pages.
Solution :
Upgrade to Cherokee 0.4.8 or newer.
Threat Level:
Threat Level:
Low / CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|