opencart/opencart vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the opencart/opencart package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS)	<4.1.0.0
M Cross-site Scripting (XSS)	<4.1.0.0
M Cross-site Scripting (XSS)	<4.1.0.0
M Cross-site Scripting (XSS)	<4.1.0.0
H Improper Neutralization of Special Elements Used in a Template Engine	>=0.0.0
H Improper Neutralization of Special Elements Used in a Template Engine	>=0.0.0
H Arbitrary File Creation	>=4.0.0.0
H Arbitrary File Write via Archive Extraction (Zip Slip)	>=4.0.0.0
L Reflected Cross-site Scripting	>=4.0.0.0, <4.1.0.0
L Reflected Cross-site Scripting	>=4.0.0.0, <4.1.0.0
L Reflected Cross-site Scripting	>=4.0.0.0, <4.1.0.0
H SQL Injection	<3.0.4.0
M Cross-site Scripting (XSS)	>=0.0.0
M Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	>=0.0.0
M Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	>=0.0.0
L Cross-Site Request Forgery (CSRF)	>=3.0.3.6
H Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	>=4.0.0.0, <4.1.0.0
M SQL Injection	>=0.0.0
H SQL Injection	>=0.0.0
H Improper Input Validation	<2.3.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0