Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in contact_us.php in osCommerce 2.2-MS2 allows remote attackers to inject arbitrary web script or HTML via the enquiry parameter.
References 1 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 1 Total
- marc.info: 20050215 [NOBYTES.COM: #3] osCommerce 2.2-MS2 - XSS Vulnerability mailing-listx_transferred