Security status of osCommerce?

[Joel Merrick <joel () servicestyle com>]

Hi,

I'm wondering if anyone can tell me about the current security status of
the MS2.2 release of osCommerce?

I understand that there have been XSS vulnerabilities and DOS exploits,
heve these been fixed in the MS2.2 downloadable from the site?

Any help appreciated.
-- 
Joel Merrick

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html