CVE-2015-2210

2017-09-06T17:29:00
ID CVE-2015-2210
Type cve
Reporter NVD
Modified 2018-10-09T15:56:09

Description

The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell.