CVE-2004-2123 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com E-Commerce ASP Engine allow remote attackers to inject arbitrary web script or HTML via the (1) level parameter of productdetail.asp (2) searchKey parameter of searchresults.asp and possibly (3) level parameter of ListCategories.asp.

Reference

http://marc.info/?l=bugtraq&m=107513601805018&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/14952