Posted by Onur Yilmaz on Jan 08

Information
——————–
Advisory by Netsparker
Name: XSS Vulnerability in OpenCart
Affected Software : OpenCart
Affected Versions: v2.1.0.1 and possibly below
Vendor Homepage : http://www.opencart.com
Vulnerability Type : Cross-site Scripting
Severity : Important
Status : Fixed
CVE-ID : CVE-2015-4671
Netsparker Advisory Reference : NS-15-023

Description
——————–
By exploiting a Cross-site scripting vulnerability the attacker…