Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) settings_file or (2) data_file parameter to (a) ampie.swf, (b) amline.swf, or (c) amcolumn.swf.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.kb.cert.org/vuls/id/405942 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-01-24T15:00:00Z
Updated: 2024-09-17T02:32:17.527Z
Reserved: 2014-01-24T00:00:00Z
Link: CVE-2013-7317
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-01-24T15:08:00.793
Modified: 2014-02-25T02:14:35.713
Link: CVE-2013-7317
Redhat
No data.