<<< Date Index >>>     <<< Thread Index >>>

Re: [OSVDB Mods] iNETstore E Commerce Solution - Cross Site Scripting



Please note this problem has been fixed and changes propagated to all
iNETstore servers world wide. Please update your records.

thank you
iNETstore Support


On Fri, 20 Jan 2006 17:33:14 +1100, "iNETstore Support"
<support@xxxxxxxxxxxxx> said:
> iNETstore E Commerce Solution - Cross Site Scripting
> 
> Vendor URL: http://www.inetstore.com/
> 
> http://vs160455.server-store.com/store/search.inetstore?searchterm=";><script>alert(document.cookie)</script>&submit=submit
> 
> 
> Problem fixed. 
> 
> regards, iNETstore Support



------
This communication is confidential and may contain information that is the 
subject of legal privilege and/or copyright.

It should only be viewed by the intended recipient. If you have received this 
communication in error, please notify us immediately by e-mailing us at 
support@xxxxxxxxxxxxx and then immediately destroy this communication.

Any unauthorised use of the contents of this communication is expressly 
prohibited. Our confidentiality, privilege or copyright is not waived or lost 
if you received this communication in error. You may not distribute, or carbon 
copy this email to any other party, other than with the express authority of 
the sender.