|
Family: CGI abuses --> Category: infos
PWSPHP XSS Vulnerability Scan
Vulnerability Scan Summary Checks XSS in PWSPHP
Detailed Explanation for this Vulnerability Test
The remote host runs PWSPHP (Portail Web System) a CMS written in PHP.
The remote version of this software is vulnerable to cross-site
scripting attack due to a lack of sanity checks on the 'skin' parameter
in the script SettingsBase.php.
With a specially crafted URL, a possible hacker could use the remote server
to set up a cross site script attack.
Solution: Upgrade to version 1.2.3 or newer
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|