Posted by Curesec Research Team (CRT) on Nov 06

Security Advisory – Curesec Research Team

1. Introduction

Affected Product: CubeCart 6.0.7
Fixed in: 6.0.8
Fixed Version Link: https://www.cubecart.com/thank-you/CubeCart-6.0.8.zip
Vendor Contact: sales () cubecart com
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Disclosed to public: 10/07/2015
Release mode: Coordinated release
CVE: n/a
Credits Tim Coen…