Skip to content

Reflected XSS on AdminCarts page

Moderate
PierreRambaud published GHSA-q6pr-42v5-v97q Apr 20, 2020

Package

No package listed

Affected versions

> 1.7.1.0

Patched versions

1.7.6.5

Description

Impact

Reflected XSS on AdminCarts page with cartBox parameter

Patches

The problem is fixed in 1.7.6.5

References

Cross-site Scripting (XSS) - Generic (CWE-79)
Introduce by this commit 26a7b58

Severity

Moderate

CVE ID

CVE-2020-5276

Weaknesses

No CWEs