It has been reported that osCommerce is prone to HTML injection attacks. The problem occurs because osCommerce insufficiently sanitizes user-supplied input. As a result, attackers may embed malicious script code or HTML into orders. This may make it possible to steal an unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. This vulnerability was reported to affect osCommerce version 2.2ms1; prior versions are reportedly affected as well.