Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor Shopping Cart 1.0 allows remote attackers to inject arbitrary web script or HTML via the email parameter.Referenceshttp://securitytracker.com/id?1014613https://exchange.xforce.ibmcloud.com/vulnerabilities/21676http://marc.info/?l=bugtraq&m=112301600608192&w=2http://www.securityfocus.com/bid/14454http://secunia.com/advisories/16262
