Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via the message parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Comersus_cart | Comersus_open_technologies | 5.09 (including) | 5.09 (including) |