AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.
jvn.jp/en/jp/JVN97197972/
www.welcart.com/archives/20106.html