XSS in Oxid-esales Eshop

CVE-2014-2016

Multiple cross-site scripting (XSS) vulnerabilities in OXID eShop Professional and Community Edition 4.6.8 and earlier, 4.7.x before 4.7.11, and 4.8.x before 4.8.4, and Enterprise Edition 4.6.8 and earlier, 5.0.x before 5.0.11 and 5.1.x be…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.015 (70.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References