HomePentest-Tools.com Logo

BasiliX Message Content Script Injection Vulnerability CVE-2002-1708

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

The remote web server contains PHP scripts that are prone to cross-site scripting attacks. Description : The remote host appears to be running a BasiliX version 1.1.0 or lower. Such versions are vulnerable to cross-scripting attacks since they do not filter HTML tags when showing a message. As a result, an attacker can include arbitrary HTML and script code in a message and have that code executed by the users browser when it is viewed.

Risk description
Not available
Recommendation

Upgrade to BasiliX version 1.1.1 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 31, 2002
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available