XSS in Oxid-esales Eshop

CVE-2013-5913

Cross-site scripting (XSS) vulnerability in the getRecommSearch function in recommlist.php in OXID eShop before 4.6.7, Professional and Community Edition 4.7.x before 4.7.8, and Enterprise Edition 5.x before 5.0.8 allows remote attackers t…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.014 (69.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References