Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-7pfc-cx3m-v22x: SCart is vulnerable to cross-site scripting (XSS)

SCart e-commerce is a free open source for businesses, built on the Laravel framework. The package s-cart/s-cart before 6.9 and the package s-cart/core before 6.9 are vulnerable to cross-site Scripting (XSS) which can lead to cookie stealing of any victim that visits the affected URL. An attacker can gain unauthorized access to that user’s account through the stolen cookie.

ghsa
#xss#git#auth

SCart is vulnerable to cross-site scripting (XSS)

Moderate severity GitHub Reviewed Published May 3, 2022 • Updated May 23, 2022

ghsa: Latest News

GHSA-49cc-xrjf-9qf7: SFTPGo allows administrators to restrict command execution from the EventManager