Summary
The remote host is running a version of Post-Nuke which contains the 'News' module which itself is vulnerable to a cross site scripting issue.
An attacker may use these flaws to steal the cookies of the legitimate users of this web site.
Solution
Upgrade to the latest version of postnuke
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
- An Image Gallery Directory Traversal Vulnerability
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
- Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities