OpenCart-Overclocked version <=1.11.1 contains a Cross Site Scripting (XSS) vulnerability in User input entered unsanitised within JS function in the template that can result in Unauthorised actions and access to data, stealing session information, denial of service. This attack appear to be exploitable via Malicious input passed in GET parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-08-20T19:00:00Z
Updated: 2024-09-16T21:07:35.190Z
Reserved: 2018-08-20T00:00:00Z
Link: CVE-2018-1000640
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-08-20T19:31:35.980
Modified: 2024-11-21T03:40:18.203
Link: CVE-2018-1000640
Redhat
No data.