Kent Web · Kent-Web Web Mart · CVE-2012-1247
**Name of the Vulnerable Software and Affected Versions**
KENT-WEB WEB MART versions 1.7 and earlier
**Description**
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML by leveraging support for Cascading Style Sheets (CSS) expressions when Internet Explorer is used.
**Recommendations**
For versions 1.7 and earlier, update to a version that does not support CSS expressions in Internet Explorer or disable the use of CSS expressions to mitigate the risk of exploitation.