← back
CVE-2019-8290

CVE-2019-8290

EPSS 1.2%
Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sent_register.php allowing special characters to be included and an XSS payload to be injected.
Affected products
abcprintf · Online Store

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.abcprintf.com/view_download.php?id=17http://www.openwall.com/lists/oss-security/2019/10/02/1http://www.vapidlabs.com/advisory.php?v=210