Summary
The host is running PmWiki and is prone to cross-site scripting vulnerability.
Impact
Successful exploitation will allow attackers to execute arbitrary web script or HTML in a user's browser session in the context of an affected site.
Impact Level: Application
Solution
Upgrade to the latest version of 2.2.16 or later,
For updates refer to http://pmwiki.org/pub/pmwiki
Insight
The flaw is caused by improper validation of user-supplied input via the 'width' markup while creating a table.
Affected
PmWiki Version 2.2.15 and Prior.
References
Severity
Classification
-
CVE CVE-2010-1481 -
CVSS Base Score: 3.5
AV:N/AC:M/Au:S/C:N/I:P/A:N
Related Vulnerabilities
- Microsoft Internet Explorer Information Disclosure Vulnerability
- Novatel Wireless MiFi 2352 Password Information Disclosure Vulnerability
- Nikto (NASL wrapper)
- MODx Local File Include and Cross Site Scripting Vulnerabilities
- BestShopPro 'str' Parameter Cross Site Scripting and SQL Injection Vulnerabilities