|
Family: General --> Category: infos
Xoops myheader.php URL Cross Site Scripting Vulnerability Vulnerability Scan
Vulnerability Scan Summary Detect Xoops myheader.php URL XSS
Detailed Explanation for this Vulnerability Test
The weblinks module of XOOPS contains a file named 'myheader.php'
in /modules/mylinks/ directory. The code of the module insufficently
filters out user provided data. The URL parameter used by 'myheader.php'
can be used to insert malicious HTML and/or JavaScript in to the web
page.
Solution : Upgrade to the latest version of XOOPS.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|