In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cross-Site Scripting (XSS) that allows execution of arbitrary javascript code on a victim browser. This vulnerability exists due to the error page contents not escaped.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Mend

Published: 2021-09-30T07:50:11.121350Z

Updated: 2024-09-17T03:43:53.734Z

Reserved: 2021-01-22T00:00:00

Link: CVE-2021-25963

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-09-30T08:15:06.357

Modified: 2024-11-21T05:55:41.190

Link: CVE-2021-25963

cve-icon Redhat

No data.