Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7.07 allow remote malicious users to inject arbitrary web script or HTML via the redirectUrl parameter to (1) comersus_customerAuthenticateForm.asp or (2) comersus_message.asp, different vectors than CVE-2004-0681.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
comersus open technologies comersus cart 7.07 |