Skip to main content

Shuup

2 CVEs product

Monthly

CVE-2021-25963 PyPI MEDIUM PATCH This Month

In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cross-Site Scripting (XSS) that allows execution of arbitrary javascript code on a victim browser. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Shuup
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-25962 PyPI HIGH PATCH This Week

“Shuup” application in versions 0.4.2 to 2.10.8 is affected by the “Formula Injection” vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Shuup
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cross-Site Scripting (XSS) that allows execution of arbitrary javascript code on a victim browser. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Shuup
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

“Shuup” application in versions 0.4.2 to 2.10.8 is affected by the “Formula Injection” vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Shuup
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy