Medium severity6.1NVD Advisory· Published Apr 8, 2016· Updated Jun 17, 2026
CVE-2016-1180
CVE-2016-1180
Description
Cross-site scripting (XSS) vulnerability in the Cyber-Will Social-button Premium plugin before 1.1 for EC-CUBE 2.13.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:cyber-will:social-button_premium:*:*:*:*:*:ec-cube:*:*Range: <=1.0
- Range: <1.1
Patches
Vulnerability mechanics
References
4- jvn.jp/en/jp/JVN78482127/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2016-000048nvdThird Party AdvisoryVDB EntryVendor Advisory
- www.cyber-will.co.jp/SA_JVN_78482127nvdVendor Advisory
- www.ec-cube.net/products/detail.phpnvdVendor Advisory
News mentions
0No linked articles in our index yet.