Summary
The remote web server contains a CGI which is vulnerable to a cross site scripting vulnerability.
Description :
The remote host seems to be running BreakCalendar, a web based calendar.
The remote version of this software is vulnerable to cross site scripting vulnerability which may allow an attacker to use the remote host to perform attacks against third party users.
Solution
Update or disable this CGI suite
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
- Apache Solr XML External Entity(XXE) Vulnerability-01 Jan-14
- 2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
- @Mail 'MailType' Parameter Cross Site Scripting Vulnerability
- 11in1 Cross Site Request Forgery and Local File Include Vulnerabilities