This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.
The remote web server hosts an application that is affected by a
cross-site scripting vulnerability.
The remote web server hosts jCart.
Nessus was able to trigger a cross-site scripting vulnerability
against one of the PHP scripts.
In addition, this web application is likely to be affected by
uncontrolled redirection and cross-site request forgery
vulnerabilities, although Nessus has not checked for them.
Upgrade to jCart 1.2 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.1
Public Exploit Available : true
Family: CGI abuses : XSS
Nessus Plugin ID: 55775
Bugtraq ID: 43639