A Stored Cross Site Scripting (XSS) vulnerability exists in Shopizer versions 2.0 through 2.17.0, where a privileged user (attacker) can inject malicious JavaScript in the filename under the “Manage files” tab
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Mend
Published: 2022-05-01T12:40:10.482227Z
Updated: 2024-09-16T17:17:57.190Z
Reserved: 2022-01-10T00:00:00
Link: CVE-2022-23060
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-05-01T13:15:07.677
Modified: 2024-11-21T06:47:54.470
Link: CVE-2022-23060
Redhat
No data.