Omnistar Live KB.PHP Cross-Site Scripting Vulnerability

An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI.

The following proof-of-concept URIs are available:

http://www.example.com/smartshop/users/kb.php?id=10002&category_id=XSS
http://www.example.com/users/kb.php?category_id=XSS


 

Copyright 2010, SecurityFocus