Arbitrary Web Script Injection via CSS Expressions in KENT-WEB WEB MART 1.7 and Earlier

Arbitrary Web Script Injection via CSS Expressions in KENT-WEB WEB MART 1.7 and Earlier

CVE-2012-1247 · LOW Severity

AV:N/AC:H/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML by leveraging support for Cascading Style Sheets (CSS) expressions.

Learn more about our Web App Pen Testing.