Vulnerabilities

CVE-2022-21149

by Fred · 01/05/2022

The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting (XSS) which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user’s account through the stolen cookie.

Date published : 2022-05-01

https://snyk.io/vuln/SNYK-PHP-SCARTCORE-2389036

https://snyk.io/vuln/SNYK-PHP-SCARTSCART-2389035

Similar

Tags: Cybersecurity Alert