5 lines
No EOL
449 B
Text
5 lines
No EOL
449 B
Text
source: http://www.securityfocus.com/bid/7557/info
|
|
|
|
IT has been reported that Happymall E-Commerce is prone to cross-site scripting attacks. The problem occurs due to insufficient sanitization of user-supplied URI parameters. As a result, it may be possible for an attacker to execute arbitrary script code within the browser of a legitimate user visiting the site.
|
|
|
|
http://www.target.com/shop/normal_html.cgi?file=<script>alert("XSS")</script> |