• info
• discussion
• exploit
• solution
• references

OSCommerce Checkout_Confirmation.PHP Comment HTML Injection Vulnerability

Solution:
A patch to address this issue is reportedly available by CVS update. Users are advised to contact the vendor for fix details.