Honcbb

**Name of the Vulnerable Software and Affected Versions** Zen Cart version 1.6.0 **Description** The issue concerns an XSS vulnerability in the `main page` parameter to the "index.php" endpoint. This allows for potential exploitation through malicious input. **Recommendations** For Zen Cart version 1.6.0, as a temporary workaround, consider restricting access to the `main page` parameter in the "index.php" endpoint until a patch is available. Avoid using the `main page` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.