Vendor: Bractus (http://bract.us) Product: SunTrack (http://bract.us/demo/login.jsp) Multiple stored XSS vulnerabilities exist in the Bractus SunTrack courier software suite. Affected scripts: newprofile.html (title parameter) signup/signup.html (firstname, lastname, company parameter) contact.html (firstname, lastname, address[0].street1 parameter) -- BugsNotHugs Shared Vulnerability Disclosure Account
