Summary
The host is running Xampp, which is prone to multiple cross site scripting vulnerabilities.
Impact
Successful exploitation could allow remote attackers to execute arbitrary HTML and script code.
Impact Level : Application
Solution
Upgrade to Xampp Linux version 1.7.3 or later,
For updates check, http://www.apachefriends.org/en/xampp-linux.html
Insight
The flaw is due the input passed to the parameter text in iart.php and ming.php files are not santised before being returned to the user.
Affected
Xampp Linux 1.6.7 and prior on Linux (All).
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-3569 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- Andromeda Streaming MP3 Server Cross Site Scripting Vulnerability
- Apache Archiva Cross Site Request Forgery Vulnerability
- Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities