2 matches found
CVE-2019-8290
Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sentregister.php allowing special characters to be included and an XSS payload to be injected...
CVE-2019-8290
CVE-2019-8290 affects Online Store v1.0. The vulnerability arises from the registration flow: posting to sent_register.php allows special characters to bypass the member email format validation and enables an XSS payload to be injected. The connected materials confirm an XSS issue stemming from i...