Phase:Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute arbitrary Javascript via the desc parameter.
ReferencesBUGTRAQ:Tuesday, December 18, 2001 Aktivate Shopping System Cross Site Scripting Vulnerability | URL:http://www.securityfocus.com/archive/1/246274 | XF:aktivate-shopping-css(7717) | URL:http://www.iss.net/security_center/static/7717.php | BID:3714 | URL
Votes:Proposed (Friday, March 15, 2002)
Comments: ACCEPT(2) Frech, Green | NOOP(4) Wall, Foat, Cole, Ziese
F7: