| Field | Value |
|---|---|
| VID | 21315 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The Comersus Shopping Cart on the remote web server contains a cross-site scripting vulnerability. Comersus Cart is a freely available shopping cart program for Microsoft Windows and Linux operating systems. Version 5.0.9 of Comersus Cart allows a remote attacker to carry out cross-site scripting attacks because user-supplied input is not properly validated. The affected pages are `/comersus/store/comersus_customerAuthenticateForm.asp`, `/comersus/backofficeLite/comersus_backoffice_message.asp`, `/comersus/store/comersus_supportError.asp` and `/comersus/store/comersus_message.asp`. By crafting a URL request to one of these pages that contains a malicious script, a remote attacker could have the script executed in the target user's web browser, within the security context of the hosting site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. References: http://archives.neohapsis.com/archives/bugtraq/2004-07/0071.html; http://securitytracker.com/alerts/2004/Jul/1010658.html. Platforms Affected: Comersus Cart 5.09; Linux (any version); Windows (any version). |
| Recommendation | Upgrade to Comersus Cart v5.098, available from the Comersus Open Technologies download site at http://www.comersus.com/download.html |
| Related URL | CVE-2004-0681 (CVE) |
| Related URL | 10674 (SecurityFocus) |
| Related URL | 16646 (ISS) |