This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.
A web application running on the remote host has multiple cross-site
The remote host seems to be running CVSTrac, a web-based bug and
patch-set tracking system for CVS.
According to its version number, the remote installation of CVSTrac
has multiple cross-site scripting flaws. A remote attacker could
exploit this by tricking a user into requesting a malicious URL, which
would result in the execution of arbitrary script code as that user.
See also :
Upgrade to CVSTrac 1.1.5 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true