Skip to main content

List Order Management Item Change

1 CVEs product

Monthly

CVE-2021-20825 MEDIUM This Month

Cross-site scripting vulnerability in List (order management) item change plug-in (for EC-CUBE 3.0 series) Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS List Order Management Item Change
NVD
CVSS 3.1
6.1
EPSS
0.8%
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross-site scripting vulnerability in List (order management) item change plug-in (for EC-CUBE 3.0 series) Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS List Order Management Item Change
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy