CVE-2021-47856

Name of the Vulnerable Software and Affected Versions Easy Cart Shopping Cart version 2021

Description The software contains a non-persistent cross-site scripting issue in the search module. An attacker can inject malicious script code through the search input, specifically the keyword parameter, potentially compromising user sessions and manipulating application content. The affected API endpoint is the search functionality. The vulnerable parameter is keyword.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.