Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL.
https://exchange.xforce.ibmcloud.com/vulnerabilities/15454
http://www.securityfocus.com/bid/9856
http://www.s-quadra.com/advisories/Adv-20040312.txt
http://www.cfwebstore.com/whatsnewdetail.cfm?WhatsNew__WhatsNewID=43
http://securitytracker.com/id?1009403