mvnForum < 1.0 RC4_03 Search Parameter XSS
Medium Nessus Network Monitor Plugin ID 2837
SynopsisThe remote host is running a vulnerable version of mvnForum, a web-based bulletin board.
DescriptionThe remote host is running mvnForum, a web-based bulletin board. This version of mvnForum is vulnerable to a Cross-Site Scripting (XSS) attack. An attacker exploiting this flaw would need to entice a user into browsing a malicious URI. Successful exploitation could lead to disclosure of confidential information (such as cookies).
SolutionUpgrade to version 1.0 RC4_03 or higher.