Lucene search

K
osvGoogleOSV:GHSA-C8MX-43CQ-993W
HistoryMay 24, 2022 - 7:01 p.m.

EC-CUBE Cross-site scripting vulnerability

2022-05-2419:01:56
Google
osv.dev
2

6.6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.7%

Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator’s web browser.

6.6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.7%

Related for OSV:GHSA-C8MX-43CQ-993W