Zen Cart Multiple Unspecified Cross-Site Scripting Vulnerabilities

Zen Cart Multiple Unspecified Cross-Site Scripting Vulnerabilities

Zen Cart is prone to multiple unspecified cross-site scripting vulnerability.

An attacker can exploit these issues to execute arbitrary HTML and script code in a userâ??s browser session in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Zen Cart versions prior to 1.3.7 are vulnerable to these issues.