Script Injection Vulnerability in Shopizer (CVE-XXXX-XXXX)

Script Injection Vulnerability in Shopizer (CVE-XXXX-XXXX)

CVE-2020-11006 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

In Shopizer before version 2.11.0, a script can be injected in various forms and saved in the database, then executed when information is fetched from backend. This has been patched in version 2.11.0.

Learn more about our Web Application Penetration Testing UK.