Description
OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section.
Remediation
References
Related Vulnerabilities
WordPress Plugin GigPress Multiple SQL Injection Vulnerabilities (2.3.8)
WordPress Plugin WP-Filebase Download Manager Remote Code Execution (0.3.0.03)
Oracle Database Server CVE-2010-0911 Vulnerability (CVE-2010-0911)
MySQL CVE-2013-1567 Vulnerability (CVE-2013-1567)
WordPress Plugin fitness calculators Cross-Site Request Forgery (1.9.5)