CVE-2020-29587 – SimplCommerce 1.0.0-rc uses the Bootbox.js library, which allows creation of programmatic …

14 January 2021

Vuln ID: CVE-2020-29587

Published: 2021-01-14 16:15:18Z

Description: SimplCommerce 1.0.0-rc uses the Bootbox.js library, which allows creation of programmatic dialog boxes using Bootstrap modals. The Bootbox.js library intentionally does not perform any sanitization of user input, which results in a DOM XSS, because it uses the jQuery .html() function to directly append the payload to a dialog.

Source: NVD.NIST.GOV

Date:

14 January 2021

Categorie(s):

NVD

Tag(s):

NVD

TensorFlow AI models at risk due to Keras API flaw23 April 2024
Hackers infect users of antivirus service that delivered updates over HTTP23 April 2024
Top 5 Cybersecurity Threats That eCommerce Websites Should Watch Out For23 April 2024
Google ad for Facebook redirects to scam23 April 2024
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland… – SWN #38023 April 2024