3 matches found
CVE-2020-11006
In Shopizer before version 2.11.0, a script can be injected in various forms and saved in the database, then executed when information is fetched from backend. This has been patched in version 2.11.0...
CVE-2020-11006 Potential remote code execution in Shopizer
In Shopizer before version 2.11.0, a script can be injected in various forms and saved in the database, then executed when information is fetched from backend. This has been patched in version 2.11.0...
CVE-2020-11006
CVE-2020-11006 affects Shopizer prior to 2.11.0, where a script can be injected and stored in the database, then executed on backend fetch. Root cause is input/script injection into data persisted by the application; this is mitigated by upgrading to version 2.11.0 or later. Reports in connected ...