9 lines
No EOL
604 B
Text
Executable file
9 lines
No EOL
604 B
Text
Executable file
source: http://www.securityfocus.com/bid/12403/info
|
|
|
|
JShop E-Commerce Suite is affected by a cross-site scripting vulnerability in the 'product.php' script.
|
|
|
|
As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
|
|
|
|
product.php?xSec=1&xProd=7"><script>alert(document.domain);</script>
|
|
|
|
product.php?xSec=1"><script>alert(document.domain);</script>&xProd=7 |