Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9, and osCommerce Online Merchant before 2.3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
osCommerce跨站脚本漏洞
Vulnerability Description
osCommerce是一套基于GNUGPL授权的开源在线购物电子商务解决方案。 osCommerce中存在未明跨站脚本漏洞,该漏洞源于对用户提供的数据未经正确验证。攻击者可利用该漏洞在受影响站点上下文的不知情用户浏览器上执行任意脚本代码,窃取基于cookie的认证证书进而发起其他攻击。
CVSS Information
N/A
Vulnerability Type
N/A