Vulnerability Key Information Vulnerability Title Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS) EDB-ID 50490 Author Vulnerability-Lab Vulnerability Type WEBAPPS Release Date 2021-11-03 Vulnerability Platform MULTIPLE Vulnerable Application Isshue Shopping Cart 3.5 Vulnerability Description A persistent input validation vulnerability exists in version 3.5 of Isshue, a multi-store e-commerce shopping cart system. Technical Details and Description A persistent input validation vulnerability was discovered in the input field, allowing remote attackers to inject malicious script code and compromise application requests using a persistent attack vector. Vulnerability Level Medium User Interaction Medium user interaction Affected Modules stock customer invoice Vulnerable Parameter html Customer Name 2021-08-23: Researcher Notification & Coordination (Security Researcher) 2021-08-24: Vendor Notification (Security Department) 2021--: Vendor Response/Feedback (Security Department) 2021--: Vendor Fix/Patch (Service Development Team) 2021--**: Security Acknowledgment (Security Department) 2021-10-22: Public Disclosure (Vulnerability Lab)