Cross-site scripting (XSS) vulnerability in the getRecommSearch function in recommlist.php in OXID eShop prior to 4.6.7, Professional and Community Edition 4.7.x prior to 4.7.8, and Enterprise Edition 5.x prior to 5.0.8 allows remote malicious users to inject arbitrary web script or HTML via the searchrecomm parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oxid-esales eshop 4.6.4 |
||
oxid-esales eshop |
||
oxid-esales eshop 4.7.2 |
||
oxid-esales eshop 4.7.3 |
||
oxid-esales eshop 4.7.4 |
||
oxid-esales eshop 4.7.6 |
||
oxid-esales eshop 4.7.7 |
||
oxid-esales eshop 5.0.6 |
||
oxid-esales eshop 4.7.0 |
||
oxid-esales eshop 4.7.1 |
||
oxid-esales eshop 5.0.1 |
||
oxid-esales eshop 5.0.2 |
||
oxid-esales eshop 5.0.3 |
||
oxid-esales eshop 5.0.4 |
||
oxid-esales eshop 4.6.0 |
||
oxid-esales eshop 4.6.1 |
||
oxid-esales eshop 4.6.2 |
||
oxid-esales eshop 4.7.5 |
||
oxid-esales eshop 4.6.3 |
||
oxid-esales eshop 4.6.5 |
||
oxid-esales eshop 5.0.0 |
||
oxid-esales eshop 5.0.5 |
||
oxid-esales eshop 5.0.7 |