Description
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Visual Composer:Page Builder for WordPress Local File Inclusion (5.1)
WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.2)
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-2983)