CVE-2021-20751
N/A
N/A
Summary
Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 (EC-CUBE 4 series) allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| EC-CUBE CO.,LTD. | EC-CUBE | EC-CUBE 4.0.0 to 4.0.5-p1 (EC-CUBE 4 series) | affected |
Weaknesses
- Cross-site scripting
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.