Multiple Cross-Site Scripting (XSS) Vulnerabilities in Nextplace.com E-Commerce ASP Engine

Multiple Cross-Site Scripting (XSS) Vulnerabilities in Nextplace.com E-Commerce ASP Engine

CVE-2004-2123 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com E-Commerce ASP Engine allow remote attackers to inject arbitrary web script or HTML via the (1) level parameter of productdetail.asp, (2) searchKey parameter of searchresults.asp, and possibly (3) level parameter of ListCategories.asp.

Learn more about our Web App Pen Testing.