This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
The Drupal Project reports :
When theme .tpl.php files are accessible via the web and the PHP
setting register_globals is set to enabled, anonymous users are able
to execute cross site scripting attacks via specially crafted links.
Drupal's .htaccess attempts to set register_globals to disabled and
also prevents access to .tpl.php files. Only when both these measures
are not effective and your PHP interpreter is configured with
register_globals set to enabled, will this issue affect you.
See also :
Update the affected packages.
Risk factor :
Low / CVSS Base Score : 2.6