Summary
The remote host contains a CGI which is vulnerable to a cross-site scripting issue.
Description :
The remote host is using 12Planet Chat Server.
There is a bug in this software which makes it vulnerable to cross site scripting attacks.
An attacker may use this bug to steal the credentials of the legitimate users of this site.
Solution
Upgrade to the newest version of this software
Severity
Classification
-
CVE CVE-2004-0678 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Afian 'includer.php' Directory Traversal Vulnerability
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
- /cgi-bin directory browsable ?
- appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
- Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability