Количество 2
Количество 2
CVE-2021-33561
A stored cross-site scripting (XSS) vulnerability in Shopizer before 2.17.0 allows remote attackers to inject arbitrary web script or HTML via customer_name in various forms of store administration. It is saved in the database. The code is executed for any user of store administration when information is fetched from the backend, e.g., in admin/customers/list.html.
GHSA-rcp4-jm2v-mr3f
Cross-site scripting in Shopizer
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-33561 A stored cross-site scripting (XSS) vulnerability in Shopizer before 2.17.0 allows remote attackers to inject arbitrary web script or HTML via customer_name in various forms of store administration. It is saved in the database. The code is executed for any user of store administration when information is fetched from the backend, e.g., in admin/customers/list.html. | CVSS3: 4.8 | 1% Низкий | больше 4 лет назад |
| GHSA-rcp4-jm2v-mr3f Cross-site scripting in Shopizer | CVSS3: 4.8 | 1% Низкий | больше 4 лет назад |
Уязвимостей на страницу