6.5 Medium
AI Score
Confidence
High
The BackOffice of Thelia (error.html template) has a cross-site scripting vulnerability in version 2.1.0 and 2.1.1 but not version 2.0.X. Version 2.1.2 contains a patch for the issue.
error.html
github.com/advisories/GHSA-vq4j-qcx7-ppc6
github.com/FriendsOfPHP/security-advisories/blob/master/thelia/thelia/2015-02-24-1.yaml
github.com/thelia/thelia/commit/e7c9c3be1d580067cba102f1f9530baf067c1e5d
web.archive.org/web/20160406004324/thelia.net/version-2-1-2-with-security-fix