CVE-2010-3465

Multiple cross-site scripting (XSS) vulnerabilities in XSE Shopping Cart 1.5.2.1 and 1.5.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to Default.aspx and the (2) type parameter to SearchResults.aspx.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ecommercesoft:xse_shopping_cart:1.5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ecommercesoft:xse_shopping_cart:1.5.3.0:*:*:*:*:*:*:*

Information

Published : 2010-09-17 13:00

Updated : 2017-08-16 18:32


NVD link : CVE-2010-3465

Mitre link : CVE-2010-3465


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

ecommercesoft

  • xse_shopping_cart