XSS in Oxid-esales Eshop
CVE-2013-5913
Cross-site scripting (XSS) vulnerability in the getRecommSearch function in recommlist.php in OXID eShop before 4.6.7, Professional and Community Edition 4.7.x before 4.7.8, and Enterprise Edition 5.x before 5.0.8 allows remote attackers t…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.014 (69.3th percentile) — read the EPSS interpretation.
Affected products
- Oxid-esales Eshop — versions 4.6.0, 4.6.1, 4.6.2
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- cve@mitre.org (VDB Entry, vdb-entry, x_refsource_XF)
- cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry, Broken Link)