CVE-2005-1403

Name of the Vulnerable Software and Affected Versions: JustWilliam's Amazon Webstore version 04050100

Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting (XSS) attacks. This can be achieved via several parameters, including the image parameter to "closeup.php", the currentIsExpanded or searchFor parameters to "index.php", the currentNumber parameter to "software CAD Technical 60002 uk.htm", or through a cookie.

Recommendations: For JustWilliam's Amazon Webstore version 04050100, as a temporary workaround, consider restricting access to the affected parameters, such as image, currentIsExpanded, searchFor, and currentNumber, until a patch is available. Additionally, avoid using cookies that may be exploited in the context of this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.