← Back to CVE List

CVE-2022-27476

Published: 2022-04-10T21:15Z
Last Modified: 2024-11-21T06:55Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A cross-site scripting (XSS) vulnerability at /admin/goods/update in Newbee-Mall v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the goodsName parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt