Posted by Henri Salo on Nov 19

This seems to be the same vulnerability as CVE-2014-7183[1] found by
Netsparker[2]. CVE-2014-7183 was fixed in version 1.2 according to the
changelog.

1: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7183
2: https://www.netsparker.com/xss-vulnerabilities-in-litecart/