Zen Cart Multiple Unspecified Cross-Site Scripting Vulnerabilities
BID:21842
Info
Zen Cart Multiple Unspecified Cross-Site Scripting Vulnerabilities
| Bugtraq ID: | 21842 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 02 2007 12:00AM |
| Updated: | Jan 04 2007 07:16PM |
| Credit: | The vendor disclosed these issues. |
| Vulnerable: |
Zen Cart Web Shopping Cart 1.3.5 Zen Cart Web Shopping Cart 1.3.2 Zen Cart Web Shopping Cart 1.2.7 Zen Cart Web Shopping Cart 1.2.6 d Zen Cart Web Shopping Cart 1.1.2 d Zen Cart Web Shopping Cart 1.3.0.2 |
| Not Vulnerable: |
Zen Cart Zen Cart 1.3.7 |
Discussion
Exploit / POC
Zen Cart Multiple Unspecified Cross-Site Scripting Vulnerabilities
An attacker can exploit these vulnerabilities via a web client.
An attacker can exploit these vulnerabilities via a web client.
Solution / Fix
Zen Cart Multiple Unspecified Cross-Site Scripting Vulnerabilities
Solution:
The vendor has released version 1.3.7 to address these issues. Please see the references for more information.
Solution:
The vendor has released version 1.3.7 to address these issues. Please see the references for more information.
References
Zen Cart Multiple Unspecified Cross-Site Scripting Vulnerabilities
References:
References:
- Vendor Home Page (Zen Cart)
- Zen Cart Release Announcements (Zen Cart)