Cross-Site Scripting Risk in NIUSHOP V1.11 by NIU Technologies

CVE-2019-16310

What is CVE-2019-16310?

NIUSHOP V1.11 contains a vulnerability that allows for cross-site scripting (XSS) through the index.php?s=/admin URI. This security flaw could let attackers inject malicious scripts into web pages viewed by users, compromising their data and security. Organizations that utilize this product should apply necessary mitigations to safeguard against potential exploitation.

References