|
|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200409-22] phpGroupWare: XSS vulnerability in wiki module Vulnerability Scan
Vulnerability Scan Summary
phpGroupWare: XSS vulnerability in wiki module
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200409-22
(phpGroupWare: XSS vulnerability in wiki module)
Due to an input validation error, the wiki module in the phpGroupWare suite
is vulnerable to cross site scripting attacks.
Impact
This vulnerability gives a possible hacker the ability to inject and execute
malicious script code, potentially compromising the victim's browser.
Workaround
The is no known workaround at this time.
References:
http://downloads.phpgroupware.org/changelog
http://secunia.com/advisories/12466/
Solution:
All phpGroupWare users should upgrade to the latest version:
# emerge sync
# emerge -pv ">=www-apps/phpgroupware-0.9.16.003"
# emerge ">=www-apps/phpgroupware-0.9.16.003"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|
