Description
This script is vulnerable to file tampering.
The scanner detected that user input gets written to a file from the server. This alert requires user confirmation. It may be a false positive. It depends on the file that gets written and how/if user input is santitized before being written to this file. Please make sure that user input is not written to a file that gets interpreted by the web server (for example a PHP file) and check if this file is located inside the application directory.
Remediation
Please make sure that user input is properly sanitized before being written to the file.