3 matches found
CVE-2022-21149
The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting XSS which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user's account through the stolen cookie...
CVE-2022-21149 Cross-site Scripting (XSS)
The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting XSS which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user's account through the stolen cookie...
CVE-2022-21149
CVE-2022-21149 affects the s-cart project: s-cart/s-cart and s-cart/core versions before 6.9 are vulnerable to Cross-site Scripting (XSS) that can allow an attacker to steal cookies and impersonate a user. The underlying issue is an XSS flaw in the affected components that enables execution of ar...