Description
AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel--accessories?sort= substring.
Remediation
References
Related Vulnerabilities
Apache Tomcat Other Vulnerability (CVE-2010-3718)
WordPress Plugin Multi Step Form Multiple Cross-Site Scripting Vulnerabilities (1.2.5)
WordPress Plugin Responsive Cookie Consent Cross-Site Scripting (1.7)
WordPress Plugin Easy2Map Photos Cross-Site Scripting (2.0.6)
WordPress Plugin Gallery by BestWebSoft Cross-Site Scripting (4.2.1)