CVE-2018-20141

CVE-2018-20141

EPSS 1.6%

AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel--accessories?sort= substring.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/151305/Abantecart-1.2.12-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2019/Jan/59 https://github.com/abantecart