CVE-2018-20141
AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel–accessories?sort= substring.
Date published : 2019-03-17
http://packetstormsecurity.com/files/151305/Abantecart-1.2.12-Cross-Site-Scripting.html