Skip to main content

Order Status Batch Change

1 CVEs product

Monthly

CVE-2021-20828 MEDIUM This Month

Cross-site scripting vulnerability in Order Status Batch Change Plug-in (for EC-CUBE 3.0 series) all versions allows a remote attacker to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Order Status Batch Change
NVD
CVSS 3.1
6.1
EPSS
0.8%
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross-site scripting vulnerability in Order Status Batch Change Plug-in (for EC-CUBE 3.0 series) all versions allows a remote attacker to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Order Status Batch Change
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy