CVE-2022-35493

A Cross-site scripting (XSS) vulnerability in json search parse and the json response in wrteam.in, eShop - Multipurpose Ecommerce Store Website version 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the get_products?search parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:wrteam:eshop_-_ecommerce_\/_store_website:*:*:*:*:*:*:*:*

Information

Published : 2022-08-08 08:15

Updated : 2022-08-12 07:51


NVD link : CVE-2022-35493

Mitre link : CVE-2022-35493


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

wrteam

  • eshop_-_ecommerce_\/_store_website