CVE-2021-20743
CVE-2021-20743 is a cross-site scripting vulnerability in the EC-CUBE Email newsletters management plugin for EC-CUBE 3.0.x, prior to plugin version 1.0.4 . The issue allows a remote attacker to cause an arbitrary script to run in a user’s browser by guiding them to a specially crafted page and p...