CVE-2018-16191

Name of the Vulnerable Software and Affected Versions EC-CUBE versions 3.0.0 through 3.0.16

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. This is achieved via unspecified vectors, potentially affecting a large number of users.

Recommendations For EC-CUBE versions 3.0.0 through 3.0.16, update to a version that contains a fix for this issue to prevent remote attackers from redirecting users to arbitrary web sites. At the moment, there is no information about a newer version that contains a fix for this vulnerability.