Comersus Cart comersus_searchItem.asp curPage Parameter XSS

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote web server contains an ASP script that is prone to a cross-site scripting attack.

Description :

The version of Comersus Cart installed on the remote host fails to
properly sanitize user input to the 'curPage' parameter of the
'comersus_searchItem.asp' script before echoing it back in the page.
An attacker can exploit this vulnerability to cause arbitrary HTML and
script code to be executed in a user's browser within the context of
the affected website when the user follows a specially crafted link.
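The flaw described above is a reflected XSS: whatever arrives in curPage is copied into the HTML response unencoded. The following Python snippet is an added illustration, not code from Comersus Cart or from the Nessus plugin; it models the unsafe reflection next to a hardened version that validates the value and HTML-encodes it on output. The assumption that curPage is a pagination index (and so should be a small positive integer) is mine and is not stated on the page; the probe string is a constructed canary used only to verify that encoding holds.

```python
"""Reflected parameter rendering: unsafe model vs hardened form (added example)."""
import html
import re

# Constructed probe value: a textbook XSS canary, used only to confirm that
# the hardened renderer never returns it as live markup.
PROBE = '"><script>alert(1)</script>'

# Minimal stand-in for the fragment of the search page that echoes curPage.
TEMPLATE = '<a href="comersus_searchItem.asp?curPage={v}">Page {v}</a>'


def render_unsafe(cur_page: str) -> str:
    """Model of the flaw: the query parameter is interpolated straight into HTML."""
    return TEMPLATE.format(v=cur_page)


def encode_for_html(value: str) -> str:
    """Output encoding: escape &, <, >, and both quote characters.

    quote=True matters because the value lands inside an attribute (href="...").
    """
    return html.escape(value, quote=True)


def normalize_page(cur_page: str, default: str = "1") -> str:
    """Input validation layer (assumption: curPage is a page number).

    Anything that is not a 1-6 digit positive integer falls back to page 1.
    """
    if re.fullmatch(r"[1-9][0-9]{0,5}", cur_page):
        return cur_page
    return default


def render_safe(cur_page: str) -> str:
    """Hardened form: validate first, then encode on output (defence in depth)."""
    return TEMPLATE.format(v=encode_for_html(normalize_page(cur_page)))


def reflects_raw_markup(rendered: str, probe: str = PROBE) -> bool:
    """Check a tester can apply to a captured response: did the probe come back verbatim?"""
    return probe in rendered


if __name__ == "__main__":
    print("unsafe :", render_unsafe(PROBE))
    print("safe   :", render_safe(PROBE))
    print("encoded:", encode_for_html(PROBE))
```

Validation alone would already neutralise the probe here, but the encoding step is the fix that generalises to parameters that legitimately carry free text, which is why both layers are kept.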

See also :

http://www.nessus.org/u?b1bf6e75

Solution :

Upgrade to Comersus Cart version 6.00 or newer.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 18029 (comersus_curpage_xss.nasl)

Bugtraq ID: 13125

CVE ID: CVE-2005-1188