A cross-site scripting (XSS) vulnerability in Beijing Liangjing Zhicheng Technology Co., Ltd ljcmsshop version 1.14 allows remote malicious users to inject arbitrary web script or HTML via user.php by registering an account directly in the user center, and then adding the payload to the delivery address.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ljcmsshop project ljcmsshop 1.14 |