This script is Copyright (C) 2002-2013 Tenable Network Security, Inc.
The remote web server is itself prone to cross-site scripting
The remote web server seems to be vulnerable to cross-site scripting
attacks because it fails to sanitize input supplied as a filename when
displaying an error page.
The vulnerability would allow an attacker to make the server present
is presented by the server, the user will give it the trust level of
the server (for example, the trust level of banks, shopping centers,
etc would usually be high).
Upgrade to the latest version of WebSphere.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : false
Family: CGI abuses : XSS
Nessus Plugin ID: 11010 ()
Bugtraq ID: 2401