2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in InnovaAge InnovaShop allow remote attackers to inject arbitrary web script or HTML via the 1 msg parameter to msg.jsp, and the 2 contentid parameter to tc/contents/home001.jsp...
InnovaPortal - 'tc/contents/home001.jsp?contentid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/26084/info InnovaShop is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...