Sitelock critical cross-site scripting vulnerability

Permalink
Ok so I recieved an email stating that my site has a "critical cross-site scripting vulnerability" and I really have no idea what I can do to fix it. The scan details give me these as the errors

MW_URL:http://www.kouturekakes.com/packages/amiant_image_gallery/blocks/amiant_gallery/view.css.php?bID=218&wU=0&w=900&h=600&
amp;mTW=100&mTH=100&crop=0&v=e26a433939bafc7abc6ff6d8a39dd64c
Cross site scripting vulnerability found in args:bID,crop,h,mTH,mTW,v,w,wU
MW_URL:http://www.kouturekakes.com/packages/amiant_image_gallery/blocks/amiant_gallery/view.css.php?bID=235&wU=0&w=900&h=500&
amp;mTW=100&mTH=100&crop=1&v=e26a433939bafc7abc6ff6d8a39dd64c
Cross site scripting vulnerability found in args:bID,crop,h,mTH,mTW,v,w,wU
MW_URL:http://www.kouturekakes.com/packages/amiant_image_gallery/blocks/amiant_gallery/view.css.php?bID=239&wU=0&w=900&h=500&
amp;mTW=100&mTH=100&crop=1&v=e26a433939bafc7abc6ff6d8a39dd64c
Cross site scripting vulnerability found in args:bID,crop,h,mTH,mTW,v,w,wU

Any help would be greatly appreciated.

View Replies:
bclarkrdc replied on at Permalink Reply
John321 replied on at Permalink Reply
The reported Cross-site scripting does not seem to be exploitable, however it is possible to change output of the css file. In this case it is not a vulnerability and for sure it’s NOT critical.