CNNVD-202602-017 Information

CNNVD ID

CNNVD-202602-017

Related CVE

CVE-2022-50941

• CNNVD Published: 2026-02-01

Description (Chinese)

Codecanyon BootCommerce是Codecanyon公司的一个电商平台。 Codecanyon BootCommerce 3.2.1版本存在跨站脚本漏洞，该漏洞源于访客订单结账输入字段存在输入验证漏洞，可能导致会话劫持、钓鱼攻击和应用程序模块操作。

Description (English)

Codecanyon BootCommerce is an electrician platform for Codecanyon. Codecanyon BootCommerce version 3.2.1 has a cross-site script loophole, which stems from input-validation gaps in the visitor order closing entry fields, which may lead to session hijacking, fishing attacks and application module operations.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Codecanyon

Published

2026-02-01

Last Modified

2026-02-24

References

https://codecanyon.net/item/bootcommerce-ecommerce-twitter-bootstrap-based/5702921 https://www.vulncheck.com/advisories/bootcommerce-persistent-cross-site-scripting-via-order-checkout https://www.vulnerability-lab.com/get_content.php?id=2279