|
Family: CGI abuses --> Category: infos
PowerPortal Private Message HTML Injection Vulnerability Scan
Vulnerability Scan Summary Checks the version of the remote PowerPortal Installation
Detailed Explanation for this Vulnerability Test
The remote host is using PowerPortal, a content management system,
written in PHP.
A vulnerability exists in the remote version of this product which may allow
a remote attacker to inject arbitrary HTML tags in when sending a private
message to a victim user of the remote portal.
A possible hacker may exploit this flaw to steal the credentials of another
user on the remote host.
Solution : Upgrade to the latest version of this software
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|