CVE-2020-10596

Published March 17th, 2020

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

1

PROJECT

Description

OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section.

opencart/opencart

A free shopping cart system. OpenCart is an open source PHP-based online e-commerce solution.

GitHub

8.14K