Cross-site scripting (XSS) vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to insert arbitrary web script via the file parameter.Referenceshttp://www.securityfocus.com/bid/7557https://exchange.xforce.ibmcloud.com/vulnerabilities/11988http://marc.info/?l=bugtraq&m=105276130814262&w=2
