This script is Copyright (C) 2010-2012 Tenable Network Security, Inc.
The remote web server hosts a PHP application that is affected by a
cross-site scripting vulnerability.
The SilverStripe CMS install hosted on the remote web server includes
a version of the Forums module that is affected by a cross-site
scripting vulnerability. User input to the 'Search' parameter is not
sanitized before being used to generate dynamic HTML.
An attacker can exploit this flaw to execute arbitrary script code in a
See also :
Upgrade to SilverStripe Forums module 0.2.2 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true