Vulnerabilities > Newbee Mall Project > Newbee Mall > 1.0.0

DATE CVE VULNERABILITY TITLE RISK
2022-04-10 CVE-2022-27476 Cross-site Scripting vulnerability in Newbee-Mall Project Newbee-Mall 1.0.0
A cross-site scripting (XSS) vulnerability at /admin/goods/update in Newbee-Mall v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the goodsName parameter.
network
low complexity
newbee-mall-project CWE-79
6.1