Ecommerce-CodeIgniter-Bootstrap before commit 56465f was discovered to contain a cross-site scripting (XSS) vulnerability via the function base_url() at /blog/blogpublish.php.
References
| Link | Resource |
|---|---|
| https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/56465fb6a83aaa934a76615a8579100938b790a1 | Patch Third Party Advisory |
| https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/219 | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
22 Aug 2022, 18:35
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:ecommerce-codeigniter-bootstrap_project:ecommerce-codeigniter-bootstrap:*:*:*:*:*:*:*:* | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
| CWE | CWE-79 | |
| References | (MISC) https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/219 - Exploit, Issue Tracking, Patch, Third Party Advisory | |
| References | (MISC) https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/56465fb6a83aaa934a76615a8579100938b790a1 - Patch, Third Party Advisory |
18 Aug 2022, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-08-18 20:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-35213
Mitre link : CVE-2022-35213
CVE.ORG link : CVE-2022-35213
JSON object : View
Products Affected
ecommerce-codeigniter-bootstrap_project
- ecommerce-codeigniter-bootstrap
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')