Vulnerabilities > EC Cube > Amazon PAY > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-12 | CVE-2019-6003 | Cross-site Scripting vulnerability in Ec-Cube Amazon PAY 2.12/2.13/2.4.2 Cross-site scripting vulnerability in EC-CUBE plugin 'Amazon Pay Plugin 2.12,2.13' version 2.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |