Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Vulnerability Details CVE-2020-29070
osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user entering the XSS payload into the title section of newsletters.
Exploit prediction scoring system (EPSS) score
EPSS Score
0.005
EPSS Ranking
64.6%
CVSS Severity
CVSS v3 Score
4.8
CVSS v2 Score
3.5
References
https://forums.oscommerce.com/forum/17-news-and-announcements/
https://github.com/aslanemre/cve-2020-29070/blob/main/CVE-2020-29070
https://github.com/gburton/CE-Phoenix/commits/master
https://forums.oscommerce.com/forum/17-news-and-announcements/
https://github.com/aslanemre/cve-2020-29070/blob/main/CVE-2020-29070
https://github.com/gburton/CE-Phoenix/commits/master
Products affected by CVE-2020-29070
Oscommerce
»
Oscommerce
»
Version:
2.3.4.1
cpe:2.3:a:oscommerce:oscommerce:2.3.4.1
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved