Zope < 2.6.3 Multiple Vulnerabilities
Medium Nessus Plugin ID 11985
SynopsisThe remote web server contains an application server that is affected by multiple vulnerabilities.
DescriptionThe remote web server is a version of Zope which is older than version 2.6.3.
There are multiple security issues in all releases prior to version 2.6.3 or 2.7 BETA4 which can be exploited by an attacker to perform cross-site scripting attacks, obtain information about the remote host, or disable this service remotely.
Note that Nessus solely relied on the version number of the server, so if the hotfix has already been applied, this might be a false positive
SolutionUpgrade to Zope 2.6.3 or later.