Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to 1 addaddress.php, 2 editshipdetails.php, 3 register.php, or 4 login.php in secure/...