CVE-2021-39402

MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt