Vulnerabilities > Litecart > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-11 | CVE-2022-27168 | Cross-site Scripting vulnerability in Litecart Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors. | 6.1 |
| 2020-02-25 | CVE-2020-9018 | Cross-Site Request Forgery (CSRF) vulnerability in Litecart LiteCart through 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user. | 5.3 |