CVE-2019-8289

Vulnerability in Online Store v1.0, stored XSS in admin/userview.php adidasmemberemail variable...

Design/Logic Flaw

Vulnerability in Online Store v1.0, stored XSS in admin/userview.php adidasmemberemail variable...

CVE-2019-8289

CVE-2019-8289 affects Online Store v1.0 with a stored XSS in admin/user_view.php via the adidas_member_email parameter. Root cause: lack of proper input handling in that parameter leading to script injection when the page is rendered. Impact per sources: low confidentiality/integrity impact, no a...