This script is Copyright (C) 2004-2015 George A. Theall
The remote web server is hosting a PHP application that is affected by
a cross-site scripting vulnerability.
The remote server is running at least one instance of IMP whose
version number is between 2.0 and 3.2.3 inclusive. Such versions are
vulnerable to a cross-scripting attack whereby an attacker may be
simply by reading a MIME message with a specially crafted Content-Type
Note : Nessus has determined the vulnerability exists on the target
simply by looking at the version number of IMP installed there
not attempted to actually exploit the vulnerability.
See also :
Upgrade to IMP version 3.2.4 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true
Family: CGI abuses : XSS
Nessus Plugin ID: 12263 (imp_content_type_xss.nasl)
Bugtraq ID: 10501
CVE ID: CVE-2004-0584
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.