Family: CGI abuses : XSS --> Category: infos
ezPublish Cross Site Scripting Bugs Vulnerability Scan
Vulnerability Scan Summary
Determine if ezPublish is vulnerable to xss attack
Detailed Explanation for this Vulnerability Test
ezPublish 2.2.7 has a cross site scripting bug. A possible hacker may use it to
perform a cross site scripting attack on this host.
In addition to this, another flaw may allow a possible hacker store hostile
HTML code on the server side, which will be executed by the browser of the
administrative user when he looks at the server logs.
Solution : Upgrade to a newer version.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.