CVE-2020-29470

Cross-site Scripting in packagist/opencart/opencart

Identifier

CVE-2020-29470

Package Slug

packagist/opencart/opencart

Vulnerability

Cross-site Scripting

Description

OpenCart This vulnerability can allow an attacker to inject the XSS payload in the Subject field of the mail and each time any user will open that mail of the website, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.

Affected Versions

Version 3.0.3.6

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-01-01

source