This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote web server hosts a PHP script that is prone to
cross-site scripting attacks.
The remote host is running a version of PHP-Fusion that does not
by HTML-encoding it. This code will then be executed in the context
of a user's browser when viewing the malicious BBcode on the remote
See also :
Install the 5.01 Service Pack or upgrade to a newer version of
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true