4 matches found
Cross-site Scripting (XSS)
Overview Kentico.Xperience.Libraries is a package for libraries and applications that use Kentico Xperience API. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the shipping options configuration form in the E-commerce module ecommerce.shippingoption. An...
CVE-2024-37621
StrongShop v1.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the component /shippingOptionConfig/index.blade.php...
CVE-2024-37621
StrongShop v1.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the component /shippingOptionConfig/index.blade.php...
PT-2024-27678 · Unknown · Strongshop
Name of the Vulnerable Software and Affected Versions: StrongShop version 1.0 Description: A Server-Side Template Injection SSTI issue was found in the /shippingOptionConfig/index.blade.php component. Recommendations: For StrongShop version 1.0, consider restricting access to the vulnerable...