This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.
The remote web server contains a PHP application that is prone to a
cross-site scripting attack.
The remote host is using PowerPortal, a content management system,
written in PHP.
A vulnerability exists in the remote version of this product that may
allow a remote attacker to inject arbitrary HTML tags in when sending
a private message to a victim user of the remote portal.
An attacker may exploit this flaw to steal the credentials of another
user on the remote host.
See also :
Unknown at this time.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.3
Public Exploit Available : true