cvedb.io
CVE-2023-23010
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2023-01-20T19:15:18.010 · Last modified 2026-06-17T05:36:36.943

Summary

Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows attackers to execute arbitrary code via the languages and trans_load parameters in file add_product.php.

Affected products

ecommerce-codeigniter-bootstrap_project — ecommerce-codeigniter-bootstrap

Does this affect you?

Add your gear to cvedb and we'll alert you only when ecommerce-codeigniter-bootstrap_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.