CVE-2020-12058
CVE-2020-12058 affects osCommerce CE Phoenix prior to 1.0.6.0, where multiple XSS flaws allow injection/execution of arbitrary JavaScript. Vulnerable components include admin scripts such as order_status.php, tax_rates.php, languages.php, countries.php, tax_classes.php, reviews.php, zones.php, an...