CVE-2004-0681 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp (2) comersus_backoffice_message.asp (3) comersus_supportError.asp or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via the message parameter.

Reference

http://marc.info/?l=bugtraq&m=108922169327403&w=2 http://www.securityfocus.com/bid/10674 https://exchange.xforce.ibmcloud.com/vulnerabilities/16646