Summary
The remote host is running JAWS, a content management system written in PHP.
The remote version of this software does not perform a proper validation of user-supplied input to several variables used in the 'GlossaryModel.php' script, and is therefore vulnerable to cross-site scripting attacks.
Solution
Upgrade to JAWS 0.5.2 or later.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2005-1231, CVE-2005-1800 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- 11in1 Cross Site Request Forgery and Local File Include Vulnerabilities
- Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
- Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
- Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
- Apache Tomcat Information Disclosure Vulnerability