XSS in Oxid-esales Eshop
CVE-2014-2016
Multiple cross-site scripting (XSS) vulnerabilities in OXID eShop Professional and Community Edition 4.6.8 and earlier, 4.7.x before 4.7.11, and 4.8.x before 4.8.4, and Enterprise Edition 4.6.8 and earlier, 5.0.x before 5.0.11 and 5.1.x be…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.015 (70.6th percentile) — read the EPSS interpretation.
Affected products
- Oxid-esales Eshop
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)