Published: 2021/06/15 Last Updated: 2021/06/15

Information from EC-CUBE CO.,LTD.

Vulnerability ID:JVN#57524494
Title:Multiple cross-site scripting vulnerabilities in multiple EC-CUBE plugins provided by EC-CUBE
Status:Vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.

Please refer to the following URL for the modified version of the plug-in.

Business Form output plugin
https://www.ec-cube.net/products/detail.php?product_id=959

Email newsletters management plugin
https://www.ec-cube.net/products/detail.php?product_id=960

Category contents plugin
https://www.ec-cube.net/products/detail.php?product_id=1070