This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.
The remote web server contains an ASP script that is prone to a cross-
site scripting attack.
The version of Comersus Cart installed on the remote host fails to
properly sanitize user input to the 'curPage' parameter of the
'comersus_searchItem.asp' script. An attacker can exploit this
vulnerability to cause arbitrary HTML and script code to be executed
in a user's browser within the context of the affected website when a
user views a malicious link.
See also :
Upgrade to Comersus Cart version 6.00 or newer.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true