CVE-2004-2123 - Andantino Stress
Description
Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com E-Commerce ASP Engine allow remote attackers to inject arbitrary web script or HTML via the (1) level parameter of productdetail.asp (2) searchKey parameter of searchresults.asp and possibly (3) level parameter of ListCategories.asp.
Reference
http://marc.info/?l=bugtraq&m=107513601805018&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/14952