Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was identified in the redirect parameter of customer account/login route. An attacker can inject arbitrary HTML and Javascript into the page response. As this vulnerability is present in the account functionality it could be used to target and attack customers of the OpenCart shop. **Notes:** 1) The fix for this vulnerability is incomplete
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
OpenCart 安全漏洞
Vulnerability Description
OpenCart是中国香港OpenCart团队的一套开源的电子商务系统。该系统提供产品评论、产品评分、产品添加等模块。 OpenCart 存在安全漏洞,该漏洞源于存在反射型跨站脚本,攻击者可以将任意HTML和Javascript注入到页面响应中。
CVSS Information
N/A
Vulnerability Type
N/A