|
|
Family: CGI abuses : XSS --> Category: infos
SWsoft Plesk Reloaded Cross Site Scripting Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of an XSS bug in Plesk Reloaded
Detailed Explanation for this Vulnerability Test
The remote host is running Plesk Reloaded (from SWsoft), a web based
system administration tool.
The remote version of this software is vulnerable to a cross-site scripting
attack.
A possible hacker can exploit it by compromising the values of the parameter
cat_select in login_up.php3.
This can be used to take advantage of the trust between a client and server
allowing the malicious user to execute malicious JavaScript on
the client's machine.
Solution : Upgrade to the latest version of this software
Risk factor: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|
