VYPR
Moderate severity · NVD Advisory · Published Dec 8, 2023 · Updated Nov 26, 2024

CVE-2023-46499

Description

Cross Site Scripting vulnerability in EverShop NPM versions before v.1.0.0-rc.5 allows a remote attacker to obtain sensitive information via a crafted script to the Admin Panel.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

EverShop before v1.0.0-rc.5 contains a stored XSS vulnerability in the Admin Panel, exploitable via product creation and user registration.

EverShop versions prior to 1.0.0-rc.5 are vulnerable to a stored cross-site scripting (XSS) issue within the Admin Panel [1][3]. The vulnerability stems from improper neutralization of input during web page generation, allowing attackers to inject malicious scripts that are persistently stored on the server [3]. Affected inputs include fields used when creating new products and during user registration [3].

The attack surface is broad: an unauthenticated remote attacker can inject a crafted script during the user registration process, which will later be executed when an administrator visits the users' section of the Admin Panel [3]. Additionally, authenticated users with product creation privileges can store malicious code in product fields [3]. The vulnerability does not require any special network position beyond web access [1].

Successful exploitation allows an attacker to obtain sensitive information, perform actions on behalf of the administrator, and potentially achieve account takeover [1][3]. This can lead to full compromise of the e-commerce backend and the data it handles.

A fix was implemented in pull request #244 and released in version 1.0.0-rc.5 [4]. Users should upgrade to this version or later to mitigate the risk [3].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

| Package | Affected versions | Patched versions |
| --- | --- | --- |
| @evershop/evershop (npm) | < 1.0.0-rc.5 | 1.0.0-rc.5 |
