icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Sunshop < 3.4RC2 index.php search Parameter XSS

Medium

Synopsis

The remote host is running the Sunshop e-commerce shopping cart.

Description

The remote host is running the Sunshop e-commerce shopping cart. This version of Sunshop is vulnerable to a remote cross-site scripting (XSS) attack. An attacker exploiting this flaw would need to be able to convince a user to click on a malicious URL which, when executed, would run potentially malicious code within the client browser.

Solution

Upgrade to version 3.4RC2 or higher.