What the vulnerability does
01Description
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in xtemos WoodMart woodmart allows Code Injection.This issue affects WoodMart: from n/a through <= 8.3.7.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in xtemos WoodMart woodmart allows Code Injection.This issue affects WoodMart: from n/a through <= 8.3.7.
Explanation of Vulnerability in Simple Terms
WoodMart versions up to 8.3.7 contain an improper input validation vulnerability that exposes sensitive information. An attacker on the network can read non-public data without authentication or user interaction. The vulnerability has a CVSS score of 5.3, indicating moderate risk to site confidentiality.
What an attacker can do
Read sensitive information from the site without logging in.
Potential impact on your site
Visitor data or site configuration details may be exposed to unauthenticated attackers.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities