Cross-site scripting (XSS) vulnerability in msg.asp for certain versions of ProductCart allow remote attackers to execute arbitrary web script via the message parameter.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Productcart | Early_impact | 1.5 (including) | 1.5 (including) |
| Productcart | Early_impact | 1.6b (including) | 1.6b (including) |
| Productcart | Early_impact | 1.6b001 (including) | 1.6b001 (including) |
| Productcart | Early_impact | 1.6b002 (including) | 1.6b002 (including) |
| Productcart | Early_impact | 1.6b003 (including) | 1.6b003 (including) |
| Productcart | Early_impact | 1.6br (including) | 1.6br (including) |
| Productcart | Early_impact | 1.6br001 (including) | 1.6br001 (including) |
| Productcart | Early_impact | 1.6br003 (including) | 1.6br003 (including) |
| Productcart | Early_impact | 1.5002 (including) | 1.5002 (including) |
| Productcart | Early_impact | 1.5003 (including) | 1.5003 (including) |
| Productcart | Early_impact | 1.5003r (including) | 1.5003r (including) |
| Productcart | Early_impact | 1.5004 (including) | 1.5004 (including) |
| Productcart | Early_impact | 1.6002 (including) | 1.6002 (including) |
| Productcart | Early_impact | 1.6003 (including) | 1.6003 (including) |
| Productcart | Early_impact | 2 (including) | 2 (including) |
| Productcart | Early_impact | 2br000 (including) | 2br000 (including) |