Description
OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section.
Remediation
References
Related Vulnerabilities
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5270)
Nginx Other Vulnerability (CVE-2016-0742)
WordPress Improper Input Validation Vulnerability (CVE-2019-20041)
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-39061)
WordPress Plugin Newsletter Manager PHP Object Injection (1.5.1)