Description

Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php.

Remediation

References

CVE-2015-0882

Related Vulnerabilities

WordPress Plugin Webmention Cross-Site Scripting (4.0.8)

MySQL CVE-2015-0441 Vulnerability (CVE-2015-0441)

WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Information Disclosure (9.7.1)

MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-39193)

WordPress Plugin YITH WooCommerce Zoom Magnifier Security Bypass (1.3.11)

Severity

Medium

Classification

CVE-2015-0882 CWE-707

Tags

Missing Update Known Vulnerabilities