In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cross-Site Scripting (XSS) that allows execution of arbitrary javascript code on a victim browser. This vulnerability exists due to the error page contents not escaped.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Mend
Published: 2021-09-30T07:50:11.121350Z
Updated: 2024-09-17T03:43:53.734Z
Reserved: 2021-01-22T00:00:00
Link: CVE-2021-25963
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-09-30T08:15:06.357
Modified: 2021-10-07T03:02:46.987
Link: CVE-2021-25963
Redhat
No data.