Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BootCommerce 3.2.1 Persistent Cross-Site Scripting via Order Checkout
Vulnerability Description
BootCommerce 3.2.1 contains persistent input validation vulnerabilities that allow remote attackers to inject malicious script code through guest order checkout input fields. Attackers can exploit unvalidated input parameters to execute arbitrary scripts, potentially leading to session hijacking, phishing attacks, and application module manipulation.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Codecanyon BootCommerce 跨站脚本漏洞
Vulnerability Description
Codecanyon BootCommerce是Codecanyon公司的一个电商平台。 Codecanyon BootCommerce 3.2.1版本存在跨站脚本漏洞,该漏洞源于访客订单结账输入字段存在输入验证漏洞,可能导致会话劫持、钓鱼攻击和应用程序模块操作。
CVSS Information
N/A
Vulnerability Type
N/A