CVE-2024-57277 Information

Jan 25, 2025 cve

Description

InnoShop V.0.3.8 and below is vulnerable to Cross Site Scripting (XSS) via SVG file upload.

Reference

https://github.com/innocommerce/innoshop/issues/115 https://github.com/yamerooo123/ResearchNBugBountyEncyclopedia/blob/main/Researches/Innocommerce/Findings.md https://youtu.be/ved96wsIYlQ

Share on: