This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
The Serendipity Team reports :
Serendipity failed to correctly sanitize user input on the media
manager administration page. The content of GET variables were written
Additionally Serendipity dynamically created a HTML form on the media
manager administration page that contained all variables found in the
URL as hidden fields. While the variable values were correctly escaped
it was possible to break out by specifying strange variable names.
See also :
Update the affected package.
Risk factor :
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 22910 (freebsd_pkg_96ed277b60e011dbad2d0016179b2dd5.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now