CVE-2021-20717 – Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to i …

10 May 2021

Vuln ID: CVE-2021-20717

Published: 2021-05-10 10:15:07Z

Description: Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator’s web browser.

Source: NVD.NIST.GOV

Date:

10 May 2021

Categorie(s):

NVD

Tag(s):

NVD

Bots dominate internet activity, account for nearly half of all traffic18 April 2024
The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider18 April 2024
Hugely expanded Section 702 surveillance powers set for US Senate vote18 April 2024
Smashing Security podcast #368: Gary Barlow, and a scam turns deadly17 April 2024
Vorlon raises $15.7M to tackle third-party API risks17 April 2024