CVE-2003-0278

Name of the Vulnerable Software and Affected Versions: Happymall versions 4.3 through 4.4

Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to insert arbitrary web script. This is achieved via the file parameter.

Recommendations: For versions 4.3 and 4.4, consider restricting access to the normal html.cgi script until a fix is available. As a temporary workaround, avoid using the file parameter in the affected script to minimize the risk of exploitation.