Excuse my ignorance but I got a high vulnerability for
the subject plugin with the following explanation:
The following requests seem to allow the reading of
sensitive files or XSS. You should manually try them
to see if anything bad happens:
/library/libfileshtm.asp?show=Y&file=xxx.htm?show=<script>alert('foo')</script>
Is nessus telling me to type the above command
directly into the URL to test this vuln or do I need
to fill in parameters for <script>?
TIA
__________________________________________________
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo!
http://sbc.yahoo.com
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
