ID de Prueba:	1.3.6.1.4.1.25623.1.0.12640
Categoría:	Web application abuses
Título:	Comersus Cart Cross-Site Scripting Vulnerability
Resumen:	The malicious user is able to compromise the parameters to invoke a; Cross-Site Scripting attack. This can be used to take advantage of the trust between a client and; server allowing the malicious user to execute malicious JavaScript on the client's machine or perform; a denial of service shutting down IIS.
Descripción:	Summary: The malicious user is able to compromise the parameters to invoke a Cross-Site Scripting attack. This can be used to take advantage of the trust between a client and server allowing the malicious user to execute malicious JavaScript on the client's machine or perform a denial of service shutting down IIS. Solution: Upgrade to version 5.098 or newer CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0681 BugTraq ID: 10674 http://www.securityfocus.com/bid/10674 Bugtraq: 20040707 Comersus Cart Cross-Site Scripting Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=108922169327403&w=2 XForce ISS Database: comersus-cart-xss(16646) https://exchange.xforce.ibmcloud.com/vulnerabilities/16646 Common Vulnerability Exposure (CVE) ID: CVE-2004-0682 Bugtraq: 20040707 Comersus Cart Improper Request Handling (Google Search) http://marc.info/?l=bugtraq&m=108922336529987&w=2 XForce ISS Database: comersus-cart-price-modification(16645) https://exchange.xforce.ibmcloud.com/vulnerabilities/16645
Copyright	Copyright (C) 2004 Noam Rathaus

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.