Vulnerabilities

CVE-2018-7465

by Fred · 26/04/2018

An XSS issue was discovered in VirtueMart before 3.2.14. All the textareas in the backend of the plugin can be closed by simply adding to the value and saving the product/config. By editing back the product/config, the editor’s browser will execute everything after the , leading to a possible XSS.

Date published : 2018-04-26

https://www.exploit-db.com/exploits/44625/

http://virtuemart.net/news/489-virtuemart-3-2-14-security-release-and-enhanced-invoice-handling

Similar

Tags: Cybersecurity Alert