Quick.Cart *p* Cross-Site Scripting Vulnerability

Posted on Friday, January 12, 2007 @ 08:12:16 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23738

VERIFY ADVISORY: http://secunia.com/advisories/23738/

CRITICAL: Less critical

IMPACT: Cross Site Scripting

SOFTWARE: Quick.Cart 2.x - http://secunia.com/product/12801/

DESCRIPTION: David Sopas has discovered a vulnerability in Quick.Cart, which can be exploited by malicious people to conduct cross-site scripting attacks. (For more information: SA23733.) The vulnerability is confirmed in version 2.0 English edition. Other versions may also be affected.

SOLUTION: Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY: David Sopas a.k.a. SmOk3

OTHER REFERENCES: SA23733: http://secunia.com/advisories/23733/