Synopsis
The remote host is running a vulnerable version of myServer.
Description
The remote host is running myServer 0.8.0 or older. There is a flaw in the remote version of this software that may allow an attacker to list directories or execute a Cross-Site Scripting (XSS) attack. The first flaw would allow an attacker access to potentially confidential data via a directory listing. The second flaw would require the attacker to be able to convince a user to browse a malicious URI. Successful exploitation would result in the attacker being able to retrieve potentially confidential data (such as authentication cookies).
Solution
Upgrade or patch according to vendor recommendations.
Plugin Details
Nessus ID: 18218
Risk Information
Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X