In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cross-Site Scripting (XSS) that allows execution of arbitrary javascript code on a victim browser. This vulnerability exists due to the error page contents not escaped.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Mend
Published: 2021-09-30T07:50:11.121350Z
Updated: 2024-09-17T03:43:53.734Z
Reserved: 2021-01-22T00:00:00
Link: CVE-2021-25963
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-09-30T08:15:06.357
Modified: 2024-11-21T05:55:41.190
Link: CVE-2021-25963
Redhat
No data.