CVE-2013-7317
CS-Cart <4.1.1 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) settings_file or (2) data_file parameter to (a) ampie.swf, (b) amline.swf, or (c) amcolumn.swf.
Scores
EPSS
0.0059
EPSS Percentile
68.9%
Details
CWE
CWE-79
Status
published
Products (36)
cs-cart/cs-cart
< 4.0.3
cs-cart/cs-cart
cs-cart/cs-cart
cs-cart/cs-cart
cs-cart/cs-cart
cs-cart/cs-cart
cs-cart/cs-cart
cs-cart/cs-cart
cs-cart/cs-cart
cs-cart/cs-cart
... and 26 more
Published
Jan 24, 2014
Tracked Since
Feb 18, 2026