Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page.
CPE | Name | Operator | Version |
---|---|---|---|
welcart_e-commerce | ge | 2.7 | |
welcart_e-commerce | le | 2.8.21 |