A Stored Cross Site Scripting (XSS) vulnerability exists in Shopizer versions 2.0 through 2.17.0, where a privileged user (attacker) can inject malicious JavaScript in the filename under the “Manage files” tab
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Mend

Published: 2022-05-01T12:40:10.482227Z

Updated: 2024-09-16T17:17:57.190Z

Reserved: 2022-01-10T00:00:00

Link: CVE-2022-23060

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-05-01T13:15:07.677

Modified: 2024-11-21T06:47:54.470

Link: CVE-2022-23060

cve-icon Redhat

No data.