Summary
The remote web server contains a CGI script that is affected by a cross-site scripting vulnerability.
Description :
According to its version number, the installation of Sympa on the remote host contains an HTML injection vulnerability that may allow a user who has the privileges to create a new list to inject HTML tags in the list description field.
Solution
Update to version 4.1.3 or newer.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2004-1735 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities