Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Subject field of mail. This vulnerability can allow an attacker to inject the XSS payload in the Subject field of the mail and each time any user will open that mail of the website, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Opencart 跨站脚本漏洞
Vulnerability Description
Opencart是中国Opencart公司的一套开源的电子商务系统。该系统提供产品评论、产品评分、产品添加等模块。 OpenCart 3.0.3.6 存在跨站脚本漏洞,攻击者可利用该漏洞将XSS有效载荷注入邮件的主题字段,每当任何用户打开该网站的邮件时,XSS就会触发,攻击者可利用该漏洞可以根据精心制作的有效载荷窃取cookie。
CVSS Information
N/A
Vulnerability Type
N/A