Description
Cross Site Scripting vulnerability in andrewtch88 mvc-ecommerce v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the product_catalogue.php component
References (1)
Core 1
Core References
Scores
EPSS
0.0006
EPSS Percentile
17.1%
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
Status
published
Published
Apr 30, 2026
Tracked Since
Apr 30, 2026