A Stored Cross Site Scripting (XSS) vulnerability exists in Shopizer versions 2.0 up to and including 2.17.0 via the “Manage Images” tab, which allows an malicious user to upload a SVG file containing malicious JavaScript code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
shopizer shopizer |