VYPR
Medium severity6.1OSV Advisory· Published Mar 21, 2019· Updated Jun 17, 2026

CVE-2018-20141

CVE-2018-20141

Description

AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel--accessories?sort= substring.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • AbanteCart/AbanteCartOSV2 versions
    1.2.10, 1.2.11, 1.2.12, …+ 1 more
    • (no CPE)range: 1.2.10, 1.2.11, 1.2.12, …
    • (no CPE)range: =1.2.12

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.