Cross-site scripting (XSS) vulnerability in templates/defaultheader.php in Lamp Design Storesprite before 7 - 19-06-14, when using the currency selection dropdown, allows remote attackers to inject. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
XSS
PHP
Storesprite
NVD
CVSS 2.0
2.6
EPSS
0.6%