xt:Commerce 3 suffers from a second order SQL injection vulnerability that can be leveraged to reset passwords of arbitrary users and administrators.
9e3a37b7a87b6f0a5036cf569879b12c6788f73c69e4a9ca19a78276984e9a6f
© 2022 Packet Storm. All rights reserved.