s-cart/s-cart and s-cart/core are vulnerable to cross-site scripting(XSS) attacks. An attacker is able to steal user cookies by tricking a victim to visit a specifically crafted URL and gain unauthorized access to that user’s account.
CPE | Name | Operator | Version |
---|---|---|---|
s-cart/s-cart | le | 6.9.x-dev | |
s-cart/core | le | 6.9.x-dev | |
s-cart/s-cart | le | 6.9.x-dev | |
s-cart/core | le | 6.9.x-dev |