This script is Copyright (C) 2004-2012 Tenable Network Security, Inc.
The remote web server contains a PHP application that is affected by
multiple cross-site scripting vulnerabilities.
According to its banner, the version of phpScheduleIt on the remote
host is earlier than 1.0.0. Such versions are vulnerable to HTML
injection issues. For example, an attacker may add malicious HTML and
'Schedule Name' field. This field is not properly sanitized. The
malicious code would be executed by a victim web browser displaying
See also :
Upgrade to phpScheduleIt version 1.0.0 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true