Family: CGI abuses : XSS --> Category: attack
SandSurfer Cross Site Scripting Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for SandSurfer
Detailed Explanation for this Vulnerability Test
The remote host is running SandSurfer, a web-based time keeping application.
A vulnerability has been disclosed in all versions of this software, up to
version 1.7.0 (included) which may allow a possible hacker to use it to perform
a cross site scripting attack against third party users.
Solution : Upgrade to SandSurfer 1.7.1
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.