- Lana Codes
- Common Vulnerabilities
Official Integration for Billingo by PWS Online Kft. <= 3.3.9 - ShopManager+ Stored XSS
LANACOMMONVDB ID: 2dc99254-1f3d-4b84-8a6b-72bc89cbaa1d
The plugin does not sanitize and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting (XSS) attacks.
You must be log in to view vulnerability details.
Or register a new account.