CVE-2004-1807

Name of the Vulnerable Software and Affected Versions CFWebstore version 5.0

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved by injecting malicious code via the URL.

Recommendations For CFWebstore version 5.0, update the index.cfm file to properly sanitize user input and prevent the injection of arbitrary web script or HTML. As a temporary workaround, consider restricting access to the index.cfm file until a patch is available.