Vulnerability Details CVE-2021-28380
The aimeos (aka Aimeos shop and e-commerce framework) extension before 19.10.12 and 20.x before 20.10.5 for TYPO3 allows XSS via a backend user account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.5%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2021-28380
-
cpe:2.3:a:aimeos_project:aimeos:-
-
cpe:2.3:a:aimeos_project:aimeos:19.10.11
-
cpe:2.3:a:aimeos_project:aimeos:20.0.0
-
cpe:2.3:a:aimeos_project:aimeos:20.10.4