CVE-2018-1000640
N/A
N/A
Summary
OpenCart-Overclocked version <=1.11.1 contains a Cross Site Scripting (XSS) vulnerability in User input entered unsanitised within JS function in the template that can result in Unauthorised actions and access to data, stealing session information, denial of service. This attack appear to be exploitable via Malicious input passed in GET parameter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://0dd.zone/2018/08/05/OpenCart-Overclocked-Reflected-XSS/
- https://github.com/villagedefrance/OpenCart-Overclocked/issues/190
References
- https://0dd.zone/2018/08/05/OpenCart-Overclocked-Reflected-XSS/
- https://github.com/villagedefrance/OpenCart-Overclocked/issues/190
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.