This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
An application running on the remote web server is affected by a
cross-site scripting vulnerability.
The version of Sawmill running on the remote web server is affected by
a cross-site scripting vulnerability due to improper validation of
user-supplied input appended to a GET request. An unauthenticated,
remote attacker can exploit this, via a specially crafted request, to
execute arbitrary script code in a user's browser session.
See also :
Upgrade to Sawmill version 7.1.14 or later. Alternatively, use Sawmill
in CGI mode.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true