XSS in Zen-cart Zen_cart
CVE-2012-1413
Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.009 (53.5th percentile) — read the EPSS interpretation.
Affected products
- Zen-cart Zen_cart — versions 1.1.0, 1.1.3, 1.2.0d
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_MISC)