Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keywords parameter in the Quick Find feature.
References
Configurations
History
No history.
Information
Published : 2005-12-16 11:03
Updated : 2024-02-04 16:52
NVD link : CVE-2005-4292
Mitre link : CVE-2005-4292
CVE.ORG link : CVE-2005-4292
JSON object : View
Products Affected
internet_express_products
- commercesql
CWE