Family: CGI abuses : XSS --> Category: infos
phpScheduleIt HTML Injection Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of an XSS bug in phpScheduleIt
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that is affected by
The remote host is running phpScheduleIt, a web-based reservation
system written in PHP.
According to its banner, this version is reported vulnerable to HTML
injection issues. For example, a possible hacker may add malicious HTML and
'Schedule Name' field. This field is not properly sanitized. The
malicious code would be executed by a victim web browser displaying
See also :
Upgrade to phpScheduleIt version 1.0.0 or later.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.