2 matches found
CVE-2020-29475
nopCommerce Store 4.30 is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the Schedule tasks name field. The root cause is insufficient input sanitization, allowing an attacker to inject an XSS payload that triggers when users visit the affected page, potentially stealing cookies...
nopCommerce Store 4.30 - 'name' Stored Cross-Site Scripting
Exploit Title: nopCommerce Store 4.30 - 'name' Stored Cross-Site Scripting Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.nopcommerce.com/ Version: 4.30 Tested on: Windows 10/Kali Linux CVE: CVE-2020-29475 Stored Cross-site scriptingXSS: Stored XSS, also...