Family: CGI abuses : XSS --> Category: attack
WordPress XSS Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of WordPress
Detailed Explanation for this Vulnerability Test
The remote web server contains several PHP scripts that are prone to
cross-site scripting attacks.
The remote version of WordPress is vulnerable to cross-site scripting
issues due to a failure of the application to properly sanitize user-
supplied URI input.
As a result of this vulnerability, it is possible for a remote
attacker to create a malicious link containing script code that will
be executed in the browser of an unsuspecting user when followed.
This may facilitate the theft of cookie-based authentication
credentials as well as other attacks.
See also :
Upgrade to WordPress version 1.2.2 or greater.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.