CVE-2016-1205
CVE-2016-1205 is a cross-site scripting (XSS) vulnerability in EC-CUBE shiro8 Co., Ltd. plugins “category_freearea_ addition_plugin” and “itemdetail_freearea_ addition_plugin” (version 1.0). The underlying issue is CWE-79, enabling remote attackers to inject arbitrary web script/HTML via unspecif...