CVE-2021-32607

Published May 12th, 2021

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/PrivateMessages/View.cshtml does not call HtmlUtils.SanitizeHtml on a private message.

smartstore/SmartStoreNET

Open Source ASP.NET MVC Enterprise eCommerce Shopping Cart Solution

GitHub

2.66K