5.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
58.8%
Cross-site scripting (XSS) vulnerability in admin.php in X-Cart 5.1.6 through 5.1.10 allows remote attackers to inject arbitrary web script or HTML via the substring parameter.
www.kb.cert.org/vuls/id/924124
blog.x-cart.com/5-1-11-released.html