Total vulnerabilities in the database
In CS-Cart version 4.11.1, it is possible to induce copy-paste XSS by manipulating the "post description" filed in the blog post creation page.
CVSS v3:
CVSS v2:
CWEs:
OWASP TOP 10: