Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EC-CUBE 2.11.0 to 2.17.2-p1 contain a cross-site scripting vulnerability in "mail/template" and "products/product" of Management page. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the other administrator or the user who accessed the website using the product.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EC-CUBE 跨站脚本漏洞
Vulnerability Description
EC-CUBE是日本EC-CUBE公司的一套开源的电子商务系统。 EC-CUBE 2.11.0版本至2.17.2-p1版本存在安全漏洞,该漏洞源于存在跨站脚本漏洞,可以在其他管理员或使用该产品访问网站的用户的网络浏览器上执行任意脚本。
CVSS Information
N/A
Vulnerability Type
N/A