CVE-2012-10004

Name of the Vulnerable Software and Affected Versions backdrop-contrib Basic Cart versions prior to 1.x-1.1.1

Description A vulnerability was found in backdrop-contrib Basic Cart on Drupal, classified as problematic. It affects the function basic cart checkout form submit of the file basic cart.cart.inc, leading to cross-site scripting. The attack can be launched remotely.

Recommendations For versions prior to 1.x-1.1.1, upgrade to version 1.x-1.1.1 to address this issue. As a temporary workaround, consider disabling the basic cart checkout form submit function until the patch is applied.