Posted by ITAS Team on Nov 02
#Vulnerability: Cross-Site Scripting
#Vendor: http://www.zeuscart.com
#Download link: http://zeuscart.com/download/
#Affected version: Zeuscart V4
#CVSS v3.0 Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
#Condition: The attack is performed by an “Anonymous User”
#Payload: “–><ScRipt>alert(/ITASVN/)</ScRipT>
#Fix version: N/A
#Author: Dang Quoc Thai – thai.q.dang () itas vn và ITAS Team
::PROOF OF CONCEPT::
+…