CVE-2020-37003

Name of the Vulnerable Software and Affected Versions Sellacious eCommerce version 4.6

Description Sellacious eCommerce 4.6 contains a persistent cross-site scripting issue in the Manage Your Addresses module. This allows attackers to inject malicious scripts into multiple address input fields, including full name, company, and address. Successful exploitation can lead to the execution of persistent script code, potentially enabling attackers to hijack user sessions and manipulate application modules.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.