OpenCart < 3.0.3.3 XSS Vulnerability

OpenCart is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:opencart:opencart"...

PT-2020-13815 · Opencart · Opencart

Name of the Vulnerable Software and Affected Versions: OpenCart version 3.0.3.3 Description: The issue allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. This problem exists due to an incomplete...