Vulnerabilities > Shiro8 > Category Freearea Addition
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-04-28 | CVE-2016-1205 | Cross-site Scripting vulnerability in Shiro8 products Cross-site scripting (XSS) vulnerability in the shiro8 (1) category_freearea_ addition_plugin plugin 1.0 and (2) itemdetail_freearea_ addition_plugin plugin 1.0 for EC-CUBE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |