All Enthusiast PhotoPost PHP Pro < 4.8.6 Multiple XSS
Medium Nessus Network Monitor Plugin ID 2484
SynopsisThe remote host is vulnerable to a Cross-Site Scripting (XSS) attack.
DescriptionThe remote host is running All Enthusiast PhotoPost PHP, a web-based gallery application.
The remote version of this software is prone to multiple cross-site scripting vulnerabilities. This may allow an attacker to steal authentication credentials.
SolutionUpgrade to version 4.8.6 or higher.