CVE-2020-29470

MEDIUM

OpenCart 3.0.3.6 - Stored Cross-Site Scripting in Mail Subject Field

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-29470. PoCs published by Hemant Patidar.

AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in OpenCart 3.0.3.6, where a malicious script can be injected into the 'subject' field of a mail, triggering when any user opens the mail. The PoC includes a sample HTTP POST request with the payload.

Description

OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Subject field of mail. This vulnerability can allow an attacker to inject the XSS payload in the Subject field of the mail and each time any user will open that mail of the website, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.

Exploits (1)

exploitdb WORKING POC

by Hemant Patidar · textwebappsphp

https://www.exploit-db.com/exploits/49099

View Code ZIP pw:eip

This exploit demonstrates a stored XSS vulnerability in OpenCart 3.0.3.6, where a malicious script can be injected into the 'subject' field of a mail, triggering when any user opens the mail. The PoC includes a sample HTTP POST request with the payload.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: OpenCart 3.0.3.6

Auth required

Prerequisites: Access to OpenCart admin panel · Valid user token

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/49099

Scores

CVSS v3 4.8

EPSS 0.0055

EPSS Percentile 68.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (2)

opencart/opencart 3.0.3.6

opencart/opencart Packagist

Published Dec 29, 2020

Tracked Since Feb 18, 2026