Comersus Cart CVE-2007-3324 Cross-Site Scripting Vulnerability

Comersus Cart CVE-2007-3324 Cross-Site Scripting Vulnerability

Comersus Cart is prone to a cross-site scripting vulnerability. Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7.07 allow remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter to (1) comersus_customerAuthenticateForm.asp or (2) comersus_message.asp, different vectors than CVE-2004-0681.