PT-2016-4625 · Ec Cube+1 · Ec-Cube+1

Gen Sato

·

Publicado

2016-04-08

·

Atualizado

2021-05-14

·

CVE-2016-1180

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Cyber-Will Social-button Premium plugin version 1.1 and earlier for EC-CUBE 2.13.x
Description The issue is related to a cross-site scripting (XSS) vulnerability. This allows remote attackers to inject arbitrary web script or HTML.
Recommendations For Cyber-Will Social-button Premium plugin version 1.1 and earlier, update to version 1.1 or later to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2016-1180

Produtos afetados

Cyber-Will Social-Button Premium Plugin
Ec-Cube