In Shuup, versions 1.6.0 up to and including 2.10.8 are vulnerable to reflected Cross-Site Scripting (XSS) that allows execution of arbitrary javascript code on a victim browser. This vulnerability exists due to the error page contents not escaped.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
shuup shuup |