Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php.
References
Link | Resource |
---|---|
https://herolab.usd.de/security-advisories/ | Third Party Advisory |
https://herolab.usd.de/security-advisories/usd-2019-0069/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-03-19T03:29:09
Updated: 2021-03-19T03:29:09
Reserved: 2020-01-08T00:00:00
Link: CVE-2020-6578
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-03-19T04:15:13.187
Modified: 2021-03-25T00:48:09.067
Link: CVE-2020-6578
JSON object: View
Redhat Information
No data.
CWE