CVE-2004-2701
Aspdotnetstorefront - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in signin.aspx for AspDotNetStorefront 3.3 allows remote attackers to inject arbitrary web script or HTML via the returnurl parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Thomas Ryan · textwebappsasp
https://www.exploit-db.com/exploits/24185
References (5)
Scores
EPSS
0.0057
EPSS Percentile
68.4%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
aspdotnetstorefront/aspdotnetstorefront
Timeline
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026