Cross-Site Scripting (XSS) Vulnerability in Comdev eCommerce 3.0 and 3.1

Cross-Site Scripting (XSS) Vulnerability in Comdev eCommerce 3.0 and 3.1

CVE-2005-2138 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message.

Learn more about our Web App Pen Testing.