Comersus Cart Cross-Site Scripting Vulnerability

Summary
The malicious user is able to compromise the parameters to invoke a Cross-Site Scripting attack. This can be used to take advantage of the trust between a client and server allowing the malicious user to execute malicious JavaScript on the client's machine or perform a denial of service shutting down IIS.
Solution
Upgrade to version 5.098 or newer