CVE-2011-4567

Name of the Vulnerable Software and Affected Versions Zen Cart versions prior to 1.5

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the message parameter in a gv send action to "index.php".

Recommendations For versions prior to 1.5, update to version 1.5 or later to resolve the issue.