Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) settings_file or (2) data_file parameter to (a) ampie.swf, (b) amline.swf, or (c) amcolumn.swf.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-01-24T15:00:00Z

Updated: 2024-09-17T02:32:17.527Z

Reserved: 2014-01-24T00:00:00Z

Link: CVE-2013-7317

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2014-01-24T15:08:00.793

Modified: 2014-02-25T02:14:35.713

Link: CVE-2013-7317

cve-icon Redhat

No data.