Actinic Catalog is an application designed for e-commerce websites and will run on most Windows and UNIX systems. Actinic Catalog fails to sufficiently filter HTML tags, including script code, from URL parameters. An attacker can create a malicious link containing arbitrary script code. When a legitimate user browses the malicious link, the script code will run in the user's browser in the context of the website running Actinic Catalog.
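The flaw described above, reduced to an added Python sketch that is not Actinic Catalog's own code: a URL parameter is copied into the returned page unfiltered, shown beside the same page with the value HTML-encoded on output. The host `shop.example`, the `search` path, the `term` parameter and all function names are assumptions made for illustration.

```python
import html
from urllib.parse import urlsplit, parse_qs

# Constructed request URL (hypothetical host, path and parameter name):
# the parameter value carries markup instead of plain text.
SAMPLE_URL = (
    "http://shop.example/cgi-bin/search"
    "?term=%3Cscript%3Ealert(1)%3C%2Fscript%3E"
)

TEMPLATE = "<html><body><p>Results for: {term}</p></body></html>"


def get_param(url, name):
    """Return the first percent-decoded value of a query parameter, or ''."""
    query = urlsplit(url).query
    return parse_qs(query, keep_blank_values=True).get(name, [""])[0]


def render_unfiltered(url):
    """Flawed pattern: the decoded parameter is written into the page as-is,
    so any tags it contains become part of the document."""
    return TEMPLATE.format(term=get_param(url, "term"))


def render_encoded(url):
    """Corrected pattern: HTML-encode the value at the point of output,
    so the browser displays it as text instead of parsing it as markup."""
    value = get_param(url, "term")
    return TEMPLATE.format(term=html.escape(value, quote=True))


def reflects_markup(page, value):
    """Regression check: True if a value containing HTML metacharacters
    appears in the page without encoding."""
    has_meta = any(c in value for c in "<>\"'")
    return has_meta and value in page


if __name__ == "__main__":
    term = get_param(SAMPLE_URL, "term")
    for render in (render_unfiltered, render_encoded):
        page = render(SAMPLE_URL)
        print(render.__name__, "reflects markup:", reflects_markup(page, term))
```

The `reflects_markup` check can be run against real responses in a test suite to confirm that every page that echoes a URL parameter encodes it first.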