First published: Fri Jul 23 2021(Updated: )
Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
E-commerce Website Project E-commerce Website | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this XSS vulnerability is CVE-2021-25204.
CVE-2021-25204 has a severity level of medium (5.4).
Version 1.0 of the E-commerce Website Project E-commerce Website is affected by CVE-2021-25204.
An attacker can exploit CVE-2021-25204 by injecting arbitrary web script or HTML through the subject field of feedback_process.php.
Yes, you can find more information about CVE-2021-25204 at the following link: https://github.com/BigTiger2020/E-Commerce-Website/blob/main/E-Commerce%20Website-xss.md