Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:59 p.m.7 views

CVE-2021-20744

Cross-site scripting vulnerability in EC-CUBE Category contents plugin for EC-CUBE 3.0 series versions prior to version 1.0.1 allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS6.6AI score0.00754EPSS
Exploits0References1
OSV
OSV
added 2021/06/22 2:15 a.m.3 views

CVE-2021-20744

Cross-site scripting vulnerability in EC-CUBE Category contents plugin for EC-CUBE 3.0 series versions prior to version 1.0.1 allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS6.8AI score0.00754EPSS
Exploits0References2
NVD
NVD
added 2021/06/22 2:15 a.m.18 views

CVE-2021-20744

Cross-site scripting vulnerability in EC-CUBE Category contents plugin for EC-CUBE 3.0 series versions prior to version 1.0.1 allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS0.00754EPSS
Exploits0References2
CVE
CVE
added 2021/06/22 1:35 a.m.79 views

CVE-2021-20744

CVE-2021-20744 is an XSS vulnerability in the EC-CUBE Category contents plugin for EC-CUBE 3.0.x. The issue affects versions prior to 1.0.1 and allows a remote attacker to inject arbitrary script by steering an administrator or user to a crafted page and performing a specific operation; this can ...

6.1CVSS6AI score0.00754EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/22 1:35 a.m.17 views

CVE-2021-20744

Cross-site scripting vulnerability in EC-CUBE Category contents plugin for EC-CUBE 3.0 series versions prior to version 1.0.1 allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.3AI score0.00754EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/06/15 12:0 a.m.75 views

JVN#57524494: Multiple cross-site scripting vulnerabilities in multiple EC-CUBE plugins provided by EC-CUBE

Multiple EC-CUBE plugins provided by EC-CUBE CO.,LTD. contain multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability CWE-79 - CVE-2021-20742 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L| Base Score: 7.1 CVSS v2|...

6.1CVSS6.5AI score0.00757EPSS
Exploits0
Rows per page
Query Builder