This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.
A web application running on the remote host has a cross-site
The remote version of eGroupware is vulnerable to a cross-site
scripting attack. This could allow a remote attacker to steal the
cookies of a legitimate user by tricking them into clicking a
maliciously crafted URL.
eGroupware reportedly has other cross-site scripting vulnerabilities,
though Nessus has not tested for those issues.
See also :
Upgrade to eGroupware 1.0.0.004 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.3
Public Exploit Available : true