Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php.
References
| Link | Resource |
|---|---|
| http://jvn.jp/en/jp/JVN44544694/281242/index.html | Third Party Advisory VDB Entry |
| http://jvn.jp/en/jp/JVN44544694/index.html | Third Party Advisory VDB Entry |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027 | Third Party Advisory VDB Entry |
| https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8 | Third Party Advisory |
| http://jvn.jp/en/jp/JVN44544694/281242/index.html | Third Party Advisory VDB Entry |
| http://jvn.jp/en/jp/JVN44544694/index.html | Third Party Advisory VDB Entry |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027 | Third Party Advisory VDB Entry |
| https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:23
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://jvn.jp/en/jp/JVN44544694/281242/index.html - Third Party Advisory, VDB Entry | |
| References | () http://jvn.jp/en/jp/JVN44544694/index.html - Third Party Advisory, VDB Entry | |
| References | () http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027 - Third Party Advisory, VDB Entry | |
| References | () https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8 - Third Party Advisory |
Information
Published : 2015-02-27 02:59
Updated : 2025-04-12 10:46
NVD link : CVE-2015-0882
Mitre link : CVE-2015-0882
CVE.ORG link : CVE-2015-0882
JSON object : View
Products Affected
zen-cart
- zen_cart
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')