2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Comersus Cart 7.07 allow remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter to 1 comersuscustomerAuthenticateForm.asp or 2 comersusmessage.asp, different vectors than CVE-2004-0681...
CVE-2004-0681
CVE-2004-0681 involves multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 5.09. The affected pages are comersus_customerAuthenticateForm.asp, comersus_backoffice_message.asp, comersus_supportError.asp, and comersus_message.asp. The underlying issue is non-sanitized input in the ...