Description
OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section.
Remediation
References
Related Vulnerabilities
WordPress Plugin Knews Multilingual Newsletters Cross-Site Request Forgery (1.2.5)
WordPress Plugin WPtouch Backdoor (1.9.28)
MySQL CVE-2019-2969 Vulnerability (CVE-2019-2969)
WordPress Plugin SEO Smart Links Cross-Site Scripting (3.0.1)
WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.10.3)