Cross-site scripting (XSS) vulnerability in templates/defaultheader.php in Lamp Design Storesprite prior to 7 - 19-06-14, when using the currency selection dropdown, allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to brand.php, related to the currencyUrl function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
storesprite storesprite |