FreeBSD : jpgraph2 -- XSS vulnerability (77b7ffb7-e937-11e5-8bed-5404a68ad561)
High Nessus Plugin ID 89896
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionMartin Barbella reports :
JpGraph is an object oriented library for PHP that can be used to create various types of graphs which also contains support for client side image maps.
The GetURLArguments function for the JpGraph's Graph class does not properly sanitize the names of get and post variables, leading to a cross site scripting vulnerability.
SolutionUpdate the affected package.