VYPR
Unrated severityNVD Advisory· Published Jun 30, 2013· Updated Jun 16, 2026

CVE-2013-3653

CVE-2013-3653

Description

Multiple cross-site scripting (XSS) vulnerabilities in the RecommendSearch feature in the management screen in LOCKON EC-CUBE before 2.12.5 allow remote attackers to inject arbitrary web script or HTML via vectors involving the rank parameter, a different vulnerability than CVE-2013-3652.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:lockon:ec-cube:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:lockon:ec-cube:*:*:*:*:*:*:*:*range: <=2.12.4
    • cpe:2.3:a:lockon:ec-cube:2.12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:lockon:ec-cube:2.12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:lockon:ec-cube:2.12.2:*:*:*:*:*:*:*
    • cpe:2.3:a:lockon:ec-cube:2.12.3:*:*:*:*:*:*:*
    • (no CPE)range: <2.12.5

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.