Skip to main content

Aimeos

1 CVEs product

Monthly

CVE-2021-28380 PHP MEDIUM PATCH This Month

The aimeos (aka Aimeos shop and e-commerce framework) extension before 19.10.12 and 20.x before 20.10.5 for TYPO3 allows XSS via a backend user account. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Aimeos
NVD
CVSS 3.1
5.4
EPSS
0.5%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

The aimeos (aka Aimeos shop and e-commerce framework) extension before 19.10.12 and 20.x before 20.10.5 for TYPO3 allows XSS via a backend user account. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Aimeos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy