Описание
A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify and BigCommerce apps allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into several filter parameter
Ссылки
- Third Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mezereon:smart_search_and_filter:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.0003
Низкий
8.1 High
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 8.1
github
5 месяцев назад
A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify App 1.0 allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the color filter parameter.
EPSS
Процентиль: 8%
0.0003
Низкий
8.1 High
CVSS3
Дефекты
CWE-79