This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.
A remote web application is vulnerable to cross-site scripting.
The remote host runs PWSPHP (Portail Web System) a CMS written in PHP.
The remote version of this software is vulnerable to cross-site
scripting attack due to a lack of sanity checks on the 'skin' parameter
in the script SettingsBase.php.
With a specially crafted URL, an attacker could use the remote server
to set up a cross-site scripting attack.
Upgrade to version 1.2.3 or newer
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : true