CGI Generic Script Injection (quick test)

This script is Copyright (C) 2011-2017 Tenable Network Security, Inc.

Synopsis :

The remote web server is prone to cross-site scripting attacks.

Description :

The remote web server hosts one or more CGI scripts that fail to
adequately sanitize request strings. By leveraging this issue, an
attacker may be able to inject malicious code in an existing 'script'
block and cause arbitrary script code to be executed in a user's
browser within the security context of the affected site. These XSS
vulnerabilities are likely to be 'non persistent' or 'reflected'.

See also :

Solution :

Restrict access to the vulnerable application. Contact the vendor
for a patch or upgrade.

Risk factor :

Medium / CVSS Base Score : 4.3

Family: CGI abuses : XSS

Nessus Plugin ID: 55904 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now