Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbitrary Javascript via the redirectUrl parameter.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Productcart | Early_impact | 1.5 (including) | 1.5 (including) |
| Productcart | Early_impact | 1.6b (including) | 1.6b (including) |
| Productcart | Early_impact | 1.6b001 (including) | 1.6b001 (including) |
| Productcart | Early_impact | 1.6b002 (including) | 1.6b002 (including) |
| Productcart | Early_impact | 1.6b003 (including) | 1.6b003 (including) |
| Productcart | Early_impact | 1.6br (including) | 1.6br (including) |
| Productcart | Early_impact | 1.6br001 (including) | 1.6br001 (including) |
| Productcart | Early_impact | 1.6br003 (including) | 1.6br003 (including) |
| Productcart | Early_impact | 1.5002 (including) | 1.5002 (including) |
| Productcart | Early_impact | 1.5003 (including) | 1.5003 (including) |
| Productcart | Early_impact | 1.5003r (including) | 1.5003r (including) |
| Productcart | Early_impact | 1.5004 (including) | 1.5004 (including) |
| Productcart | Early_impact | 1.6002 (including) | 1.6002 (including) |
| Productcart | Early_impact | 1.6003 (including) | 1.6003 (including) |
| Productcart | Early_impact | 2.0 (including) | 2.0 (including) |
| Productcart | Early_impact | 2.0br000 (including) | 2.0br000 (including) |
| Productcart | Early_impact | 2.5 (including) | 2.5 (including) |