|
Family: CGI abuses : XSS --> Category: attack
WebChat XSS Vulnerability Scan
Vulnerability Scan Summary XSS in WebChat
Detailed Explanation for this Vulnerability Test
The remote host is vulnerable to a cross site scripting attack through
its web chat module :
- A possible hacker may create a new user with a bogus email address containing
javascript code
- Then the profile of the newly created user or the 'lost password' page
for this user will display the unprocessed java script to the user
A possible hacker may use this flaw to steal the cookies of your regular users
Threat Level: Medium
Solution : None at this time, contact the vendor at http://www.webscriptworld.com
Click HERE for more information and discussions on this network vulnerability scan.
|