Published: 2020/12/03  Last Updated: 2020/12/03

Information from EC-CUBE CO.,LTD.

Vulnerability ID:JVN#24457594
Title:Multiple vulnerabilities in EC-CUBE

This is a statement from the vendor itself with no modification by JPCERT/CC.

Details of the vulnerability and how to fix it are described below.

Improper Restriction of Rendered UI Layers or Frames

Improper Input Validation