ID de Prueba:	1.3.6.1.4.1.25623.1.0.14218
Categoría:	Web application abuses
Título:	BasiliX Message Content Script Injection Vulnerability
Resumen:	The remote web server contains PHP scripts that are prone to cross-site;scripting attacks.;;Description :;;The remote host appears to be running a BasiliX version 1.1.0 or lower. Such versions are vulnerable to;cross-scripting attacks since they do not filter HTML tags when showing a message. As a result, an attacker can;include arbitrary HTML and script code in a message and have that code executed by the user's browser when it is;viewed.
Descripción:	Summary: The remote web server contains PHP scripts that are prone to cross-site scripting attacks. Description : The remote host appears to be running a BasiliX version 1.1.0 or lower. Such versions are vulnerable to cross-scripting attacks since they do not filter HTML tags when showing a message. As a result, an attacker can include arbitrary HTML and script code in a message and have that code executed by the user's browser when it is viewed. Solution: Upgrade to BasiliX version 1.1.1 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1708 BugTraq ID: 5060 http://www.securityfocus.com/bid/5060 Bugtraq: 20020618 BasiliX multiple vulnerabilities (Google Search) http://online.securityfocus.com/archive/1/277710 http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0117.html XForce ISS Database: basilix-webmail-headers-css(9384) https://exchange.xforce.ibmcloud.com/vulnerabilities/9384
Copyright	Copyright (C) 2004 George A. Theall

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.