CVE-2019-6003

Summary

Cross-site scripting vulnerability in EC-CUBE plugin 'Amazon Pay Plugin 2.12,2.13' version 2.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
LTD."EC-CUBE plugin ‘Amazon Pay Plugin 2.12,2.13’version 2.4.2 and earlieraffected

Weaknesses

  • Cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References