FreeBSD : jpgraph2 -- XSS vulnerability (77b7ffb7-e937-11e5-8bed-5404a68ad561)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Martin Barbella reports :

JpGraph is an object-oriented library for PHP that can be used to
create various types of graphs which also contains support for
client-side image maps.

The GetURLArguments function for JpGraph's Graph class does not
properly sanitize the names of GET and POST variables, leading to a
cross-site scripting vulnerability.

See also :

http://www.securityfocus.com/archive/1/archive/1/508586/100/0/threaded
http://www.nessus.org/u?02b59d47

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 89896

Bugtraq ID:

CVE ID:
