This script is Copyright (C) 2005-2012 Tenable Network Security, Inc.
The remote web server contains a PHP application that is affected by
a cross-site scripting attack.
The remote host is running Siteman, a web-based content management
system written in PHP.
The remote version of this software is vulnerable to a cross-site
scripting attack due to a lack of sanitization of user-supplied data
to the 'page' parameter of the 'forum.php' script. Successful
exploitation of this issue may allow an attacker to use the remote
server to perform an attack against a third-party user.
See also :
Unknown at this time.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.3
Public Exploit Available : true
Family: CGI abuses : XSS
Nessus Plugin ID: 16171 ()
Bugtraq ID: 12267