How to Buy
This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.
The remote web application has multiple cross-site scripting
The remote host is running dasBlog, a .NET blog system. According to
its version number, it is vulnerable to multiple cross-site scripting
issues. It is reported that versions up to and including 1.6.0 are
The application does not sanitize the Referer and User-Agent HTTP
headers. An attacker could use this to trick a user into executing
arbitrary script code in the context of the web server.
See also :
Apply the vendor patch referenced in the advisory.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true
Family: CGI abuses : XSS
Nessus Plugin ID: 14639 (dasblog_xss.nasl)
Bugtraq ID: 11086
CVE ID: CVE-2004-1657
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.