CVE-2016-1205
Cross-site scripting XSS vulnerability in the shiro8 1 categoryfreearea additionplugin plugin 1.0 and 2 itemdetailfreearea additionplugin plugin 1.0 for EC-CUBE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...