Cross site scripting in osCommerce - CEPhoenix
Application: CE-Phoenix
Version: v1.0.7.18
Link to source code: https://github.com/gburton/CE-Phoenix/releases/tag/v1.0.7.18
Source: /includes/modules/customer_data/cd_firstname.php at line 101 from /admin/customers.php at line 32
Sink: /admin/customers.php at line 142
Steps to reproduce:
– Sign up one user
– Log in to admin
– Go to the “Customers -> Customer” section
– Click to update the signed-up customer’s information
– Add alert(1); value in the customer’s first name
The JavaScript code is returned unsanitized in the application’s response to the form’s “Submit” action, and it is executed.
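The fix for this class of bug is to encode the first name for its HTML context at the point where it is written into the response. The following is an added example, not CE-Phoenix code: the function names and the sample value are hypothetical, and it shows the unencoded pattern beside an encoded one with a check that could be used as a regression test.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers for illustration; none of these are CE-Phoenix functions.

/** Vulnerable pattern: the submitted value is copied into the markup verbatim. */
function render_firstname_unsafe(string $firstname): string
{
    return '<input type="text" name="firstname" value="' . $firstname . '">';
}

/** Encode a value for use in HTML text or a quoted attribute. */
function html_encode(string $value): string
{
    // ENT_QUOTES encodes both quote styles, so the value cannot close the
    // attribute. ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning ''.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Hardened pattern: encode at output time, keep the stored value unchanged. */
function render_firstname_safe(string $firstname): string
{
    return '<input type="text" name="firstname" value="' . html_encode($firstname) . '">';
}

/** True when a value containing markup characters reaches the output verbatim. */
function reaches_output_unencoded(string $rendered, string $raw): bool
{
    return preg_match('/[<>"\'&]/', $raw) === 1 && strpos($rendered, $raw) !== false;
}

// Constructed sample: a name with quotes, angle brackets and an ampersand.
$sample = 'Tim "<b>O\'Brien</b>" & Co';

$renderers = [
    'unsafe' => render_firstname_unsafe($sample),
    'safe'   => render_firstname_safe($sample),
];
foreach ($renderers as $label => $html) {
    printf("%-6s unencoded=%s\n  %s\n", $label,
        var_export(reaches_output_unencoded($html, $sample), true), $html);
}

// Encoding is reversible, so the customer's real name is not altered in storage.
$roundTrip = htmlspecialchars_decode(html_encode($sample), ENT_QUOTES) === $sample;
printf("round-trip preserved: %s\n", var_export($roundTrip, true));
```

Encoding belongs at every place the first name is rendered, including the admin response to the form's “Submit” action, because the value is attacker-controlled from the moment a user signs up.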