CVE-2012-2300

Name of the Vulnerable Software and Affected Versions Ubercart module versions 6.x-2.x before 6.x-2.8 Ubercart module versions 7.x-3.x before 7.x-3.1

Description The issue allows remote authenticated users with the administer product classes permission to inject arbitrary web script or HTML via unspecified vectors. This can be exploited by attackers to execute malicious scripts on the affected system.

Recommendations For Ubercart module versions 6.x-2.x before 6.x-2.8, update to version 6.x-2.8 or later. For Ubercart module versions 7.x-3.x before 7.x-3.1, update to version 7.x-3.1 or later.