FreeBSD : mod_pagespeed -- critical XSS (XSS) vulnerability (4e23644c-cb93-4f83-9e20-5bc07ad9b39f)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

mod_pagespeed developers report :

Various versions of mod_pagespeed are subject to critical cross-site
scripting (XSS) vulnerability, CVE-2013-6111. This permits a hostile
third party to execute JavaScript in users' browsers in context of the
domain running mod_pagespeed, which could permit theft of users'
cookies or data on the site.

See also :

http://www.nessus.org/u?65b4f900

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 70672 ()

Bugtraq ID:

CVE ID: CVE-2013-6111

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now