CVE-2012-1059
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Shop/Application/Cart/pages/main.php in OSCommerce Online Merchant 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the value_title parameter, as demonstrated using the "Front" field in the shirt module.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
oscommerce | online_merchant | 3.0.2 |
Common Weakness Enumeration