Ocean12 Guestbook XSS

This script is Copyright (C) 2003-2015 Tenable Network Security, Inc.

Synopsis :

The remote web server has an application that is affected by
a cross-site scripting vulnerability.

Description :

The remote server is running Ocean12 GuestBook, a set of scripts
to manage an interactive guestbook.

An attacker may use this module to inject malicious HTML code in your
site, which may be used to steal users' cookies or to simply annoy

Solution :

Disable this software.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 11537 ()

Bugtraq ID: 7329


Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial