This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.
A web application on the remote host has a cross-site scripting
The version of Basic Analysis and Security Engine (BASE) running on
the remote host has a cross-site scripting vulnerability. Input to
the 'dir' parameter of base_local_rules.php is not properly
sanitized. A remote attacker could exploit this by tricking a user
into requesting a maliciously crafted URL.
See also :
Upgrade to BASE 1.4.4 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true
Family: CGI abuses : XSS
Nessus Plugin ID: 42264 (base_local_rules_xss.nasl)
Bugtraq ID: 36830