osCommerce Tell-A-Friend E-Mail Session ID Disclosure

2006-08-17T01:51:50
ID OSVDB:29835
Type osvdb
Reporter OSVDB
Modified 2006-08-17T01:51:50

Description

Solution Description

Upgrade to version 2.2 Milestone 2 060817 Update or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://www.oscommerce.com/about/news,124 Related OSVDB ID: 29834