2 matches found
CVE-2022-23060
Shopizer CVE-2022-23060 affects versions 2.0–2.17.0. A Stored XSS occurs when a privileged attacker injects JavaScript via the filename in the Manage Files tab due to insufficient input/output filtering. Attacker could cause client-side script execution. Connected sources corroborate the vulnerab...
CVE-2022-23060 Shopizer - Stored XSS in Manage Files
A Stored Cross Site Scripting XSS vulnerability exists in Shopizer versions 2.0 through 2.17.0, where a privileged user attacker can inject malicious JavaScript in the filename under the “Manage files” tab...