XSS in Phoenixcart Ce Phoenix

CVE-2024-58296

CE Phoenix v3.0.1 contains a stored cross-site scripting vulnerability in the currencies administration panel that allows attackers to inject malicious scripts. Attackers can insert XSS payloads in the title field to execute arbitrary Java…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (22.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References