CVE-2021-20825

Summary

Cross-site scripting vulnerability in List (order management) item change plug-in (for EC-CUBE 3.0 series) Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
shiro8 Co., Ltd.List (order management) item change plug-in (for EC-CUBE 3.0 series)Ver.1.1 and earlieraffected

Weaknesses

  • Cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References