Description

Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter.

Remediation

References

CVE-2003-1219

Related Vulnerabilities

Apache HTTP Server Improper Handling of Case Sensitivity Vulnerability (CVE-2001-0766)

WordPress Plugin Share This Image Unspecified Vulnerability (1.19)

WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.10.3)

WordPress Plugin Print-O-Matic Cross-Site Scripting (2.1.7)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-19049)

Severity

Medium

Classification

CVE-2003-1219

Tags

Missing Update Known Vulnerabilities