Categories

Updated: 03/05/2005

osCommerce Contact Us Page Fix

Fix for osCommerce &"Contact_us&" Cross Site Scripting Vulnerability. A new vulnerability was reported in osCommerce, which can be exploited by attackers to conduct Cross Site Scripting attacks. The problem resides in the &"contact_us.php&" file when handling the &"enquiry&" parameter, which may be exploited to cause arbitrary scripting code to be executed by the user''s browser. This contribution gives a fix for this vunerability.
©2019 A--9.com