3 matches found
CVE-2023-3652
CVE-2023-3652 is a Reflected XSS in Digital Ant E-Commerce Software, affecting versions before 11. Root cause: improper input neutralization during web page generation. Impact per sources: potential for reflected scripts with low confidentiality/integrity impact, CVSS 3.1 base score 6.1 (MEDIUM);...
CVE-2023-3651
CVE-2023-3651 affects Digital Ant E-Commerce Software prior to version 11. Root cause: improper neutralization of special elements in SQL commands, enabling SQL injection. Impacted component: the e-commerce software’s SQL handling. Documents indicate versions before 11 are vulnerable; CVSS metric...
CVE-2023-3653
CVE-2023-3653 is a Stored XSS in Digital Ant E-Commerce Software (versions before 11). The vulnerability arises from improper neutralization of input during web page generation. Impact is limited to web page content and could allow injection of malicious scripts when user-supplied data is reflect...