The remote web server is vulnerable to a cross-site scripting issue. Description : The remote host is running Cherokee - a fast and tiny web server. Due to a lack of sanitization from the user input, The remote version of this software is vulnerable to cross-site scripting attacks due to lack of sanitization in returned error pages.
Upgrade to Cherokee 0.4.8 or newer.
- IIS 5.0 Sample App reveals physical path of web root
- HttpBlitz Server HTTP Request Remote Denial of Service Vulnerability
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011
- Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
- Apache UserDir Sensitive Information Disclosure