XSS in Zen-cart Zen_cart

CVE-2011-4547

Multiple cross-site scripting (XSS) vulnerabilities in includes/templates/template_default/common/tpl_header_test_info.php in Zen Cart 1.3.9h, when debugging is enabled, might allow remote attackers to inject arbitrary web script or HTML v…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.012 (63.6th percentile) — read the EPSS interpretation.

Affected products

Zen-cart Zen_cart — versions 1.3.9h
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (vdb-entry, x_refsource_BID)