Description

Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter.

Remediation

References

CVE-2003-1219

Related Vulnerabilities

WordPress Plugin xPinner Lite Multiple Vulnerabilities (2.2)

MySQL CVE-2021-2304 Vulnerability (CVE-2021-2304)

WordPress Plugin WooCommerce Anti-Fraud Security Bypass (3.2)

WordPress Plugin Responsive Lightbox by dFactory Cross-Site Scripting (1.4.11)

WordPress Plugin SEO Backlinks Cross-Site Request Forgery (4.0.1)

Severity

Medium

Classification

CVE-2003-1219

Tags

Missing Update Known Vulnerabilities