osCommerce Cross Site Scripting Bugs High Medium Low Network Vulnerabilities Web application abuses osCommerce Cross Site Scripting Bugs SummaryosCommerce is a widely installed open source shopping e-commerce solution. An attacker may use it to perform a cross site scripting attack on this host. SolutionUpgrade to a newer version. References http://secunia.com/advisories/8368/ http://www.securitytracker.com/id/1006342 http://xforce.iss.net/xforce/xfdb/11590 Updated on 2015-03-25 Severity Classification CVSS Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Related Vulnerabilities Apache Rave User Information Disclosure VulnerabilityA4Desk Event Calendar 'eventid' Parameter SQL Injection VulnerabilityApache Tomcat Directory Listing and File disclosureAbanteCart Multiple Cross-Site Scripting VulnerabilitiesAdmidio get_file.php Remote File Disclosure Vulnerability