Description
Cross-site scripting (XSS) vulnerability in OpenCart before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the zone_id parameter to index.php.
Remediation
References
Related Vulnerabilities
Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-20920)
Ruby Cryptographic Issues Vulnerability (CVE-2012-5371)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1591)
Moodle Credentials Management Errors Vulnerability (CVE-2011-4587)