Описание
Cross Site Scripting in evershop
Cross Site Scripting vulnerability in EverShop NPM versions before v.1.0.0-rc.5 allows a remote attacker to obtain sensitive information via a crafted request to the ProductGrid function in admin/productGrid/Grid.jsx.
Пакеты
Наименование
@evershop/evershop
npm
Затронутые версииВерсия исправления
< 1.0.0-rc.5
1.0.0-rc.5
Связанные уязвимости
CVSS3: 6.1
nvd
около 2 лет назад
Cross Site Scripting vulnerability in EverShop NPM versions before v.1.0.0-rc.5 allows a remote attacker to obtain sensitive information via a crafted request to the ProductGrid function in admin/productGrid/Grid.jsx.