Lucene search
GoogleOSV:CVE-2022-21149HistoryMay 01, 2022 - 4:15 p.m.
CVE-2022-21149
2022-05-0116:15:08
Google
osv.dev
3
The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting (XSS) which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user’s account through the stolen cookie.
Related
cvelist
cvelist
CVE-2022-21149 Cross-site Scripting (XSS)
2022-05-01 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2022-05-05 17:58:52
osv
osv
SCart is vulnerable to cross-site scripting (XSS)
2022-05-03 00:00:46
cve
cve
CVE-2022-21149
2022-05-01 16:15:08
prion
prion
Cross site scripting
2022-05-01 16:15:00
cnvd
cnvd
s-cart Cross-Site Scripting Vulnerability (CNVD-2022-70091)
2022-05-07 00:00:00
github
github
SCart is vulnerable to cross-site scripting (XSS)
2022-05-03 00:00:46
nvd
nvd
CVE-2022-21149
2022-05-01 16:15:08