We found Justice Guestbook 1.3 Multiple Vulnerabilities threat to our server .Below are details
The remote web server is hosting a PHP script that is affected by multiple vulnerabilities.
The remote host is running Justice Guestbook.
This set of CGI has two vulnerabilities :
- It is vulnerable to cross-site scripting attacks (in jgb.php3).
- If the user requests the file cfooter.php3, he will obtain the physical path of the remote CGI.
An attacker may use these flaws to steal the cookies of your users or to gain better knowledge about this host.
There is no known solution at this time.
I did not found solution over net . We are not using php.
OS :- Ubuntu 12.04LTS
application :- Liferayportal 6.0.x
How to fix this issue . Any help is highly appreciable .