Unrated severityNVD Advisory· Published Nov 18, 2020· Updated Aug 4, 2024

CVE-2020-22723

Description

A cross-site scripting (XSS) vulnerability in Beijing Liangjing Zhicheng Technology Co., Ltd ljcmsshop version 1.14 allows remote attackers to inject arbitrary web script or HTML via user.php by registering an account directly in the user center, and then adding the payload to the delivery address.

Affected products

Beijing Liangjing Zhicheng Technology Co., Ltd/ljcmsshopdescription
Beijing Liangjing Zhicheng Technology Co., Ltd/ljcmsshopllm-create
Range: =1.14

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

baijiahao.baidu.com/smitrex_refsource_MISC
www.freebuf.com/articles/web/192318.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000