CVE-2002-1680 Information

Description

Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows remote attackers to execute arbitrary script as other users by injecting script into (1) diagnose.cgi or (2) compatible.cgi.

Reference

http://online.securityfocus.com/archive/82/251570 http://www.securityfocus.com/bid/3914 http://www.securityfocus.com/bid/3921 https://exchange.xforce.ibmcloud.com/vulnerabilities/7986