The remote web server is vulnerable to multiple attack vectors.
The remote web server is running ViewVC, a web-based interface for CVS and Subversion. The installed version of ViewVC is earlier than 1.0.11 or 1.1.5. Such versions are potentially affected by a cross-site scripting vulnerability because the application fails to properly sanitize user supplied data to the regular expression search feature.
Upgrade to ViewVC 1.0.11, 1.1.5, or later.