|Title:||Cross-Site Scripting in Cherokee Error Pages|
|Summary:||Checks for the version of Cherokee|
The remote web server is vulnerable to a cross-site scripting issue.
The remote host is running Cherokee - a fast and tiny web server.
Due to a lack of sanitization from the user input,
The remote version of this software is vulnerable to cross-site
scripting attacks due to lack of sanitization in returned error pages.
Upgrade to Cherokee 0.4.8 or newer.
BugTraq ID: 9496|
Common Vulnerability Exposure (CVE) ID: CVE-2004-2171
XForce ISS Database: cherokee-error-xss(14936)
|Copyright||This script is Copyright (C) 2004 David Maciejak|
|This is only one of 40246 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.