OXID eShop Enterprise Edition
– Session Fixation Vulnerability
– Stored Cross Site Scripting Vulnerability
Date: 30.03.2010
– Description
OXID eShop EE is a widespread and popular CMS for online shops.
The current release (4.2.0) has been found vulnerable to a session fixation and a XSS attack.