CVE-2021-47769
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| bdtask | isshue_shopping_cart | 3.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2021-47769 is a persistent (stored) cross-site scripting (XSS) vulnerability in Isshue Shopping Cart version 3.5. It affects the 'title' input fields of the stock, customer, and invoice modules: the value is accepted without adequate validation and later rendered without adequate output encoding. An attacker holding a privileged account (moderator, manager, keeper, or admin) can submit a POST request that places script in a title field; the script is saved on the server and executes in the browser of any user who previews or renders the affected module, enabling session hijacking, persistent phishing, unauthorized redirects, and manipulation of the application's modules. [2, 3]
How can this vulnerability impact me?
This vulnerability allows an attacker who already holds a privileged account to plant script that persists in the application and runs in the browser of every user, including administrators, who previews or renders the affected stock, customer, or invoice records. The consequences are session hijacking, persistent phishing, unauthorized redirects to attacker-controlled sites, and manipulation of those modules, which compromises both user sessions and the integrity of the application. Because exploitation requires privileged access, the page rates it a medium security risk. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Because exploitation requires a privileged account, an authenticated test is needed. Log in as a moderator, manager, keeper, or admin, then send a POST request that places a benign marker payload such as <script>alert(1)</script> in the 'title' parameter of a stock, customer, or invoice record; curl can do this if the request carries the session cookie and any CSRF token the form expects. Next, load the preview or listing for that record and inspect the HTML: if the marker comes back verbatim (live markup) rather than as escaped text such as &lt;script&gt;, the field is vulnerable. On the network side, monitor HTTP traffic for POST requests to these modules whose 'title' parameter contains script tags, event-handler attributes, or javascript: URIs, remembering that such payloads may arrive URL- or entity-encoded. [2, 3]
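The traffic-monitoring and active-check steps above, as an added Python example (this is illustrative code written for this page, not code from BaseFortify or from the Isshue project). It assumes the module forms post application/x-www-form-urlencoded bodies with a 'title' field; the sample captures in SAMPLE_REQUESTS are constructed, and their paths are placeholders rather than real Isshue routes.

```python
"""Detection helper for the stored-XSS pattern described above.

Added example, not code from the BaseFortify page or from Isshue. Assumed:
the module forms post application/x-www-form-urlencoded bodies with a
'title' field, and SAMPLE_REQUESTS below are constructed captures whose
paths are placeholders, not real Isshue routes.
"""
import html
import re
from urllib.parse import parse_qs, unquote_plus

# Markup that has no business in a stock/customer/invoice title. It is
# matched after decoding, so URL- or entity-encoded payloads are caught.
SUSPICIOUS = re.compile(
    r"<\s*/?\s*(script|iframe|svg|img|object|embed|link|meta|style)\b"
    r"|<\s*\w+[^>]*\son\w+\s*="   # any tag carrying an on* event handler
    r"|javascript\s*:"            # javascript: URIs in href/src
    r"|expression\s*\(",          # legacy CSS expression()
    re.IGNORECASE,
)

# Field names the advisory identifies; extend from the app's own forms.
TITLE_FIELDS = {"title"}


def normalize(value: str, rounds: int = 3) -> str:
    """Undo layered URL and HTML-entity encoding, up to `rounds` times.

    Stops early once a pass changes nothing, so plain text is untouched.
    """
    for _ in range(rounds):
        decoded = html.unescape(unquote_plus(value))
        if decoded == value:
            break
        value = decoded
    return value


def flag_title_fields(post_body: str) -> list:
    """Return (field, decoded_value) for each title field carrying markup."""
    hits = []
    for field, values in parse_qs(post_body, keep_blank_values=True).items():
        base = field.split("[", 1)[0]      # treat title[] / title[0] as title
        if base not in TITLE_FIELDS:
            continue
        for raw in values:
            decoded = normalize(raw)
            if SUSPICIOUS.search(decoded):
                hits.append((field, decoded))
    return hits


def scan_requests(requests: list) -> list:
    """Scan captured (path, body) POST pairs; one finding dict per hit."""
    findings = []
    for path, body in requests:
        for field, value in flag_title_fields(body):
            findings.append({"path": path, "field": field, "value": value})
    return findings


def rendered_unescaped(page_html: str, payload: str) -> bool:
    """Active check: True if the stored payload comes back verbatim.

    After posting a marker such as <script>alert(1)</script>, fetch the
    module preview (with the same privileged session) and pass the HTML
    here. A safe page holds only the escaped form, e.g. &lt;script&gt;.
    """
    return payload in page_html


# Constructed sample captures: one benign, one plain payload, one
# double-encoded payload, one benign title that merely uses < > &.
SAMPLE_REQUESTS = [
    ("/stock/add", "title=Blue+Widget&qty=10"),
    ("/customer/add",
     "title=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E&name=x"),
    ("/invoice/add",
     "title=%2526lt%253Bimg+src%253Dx+onerror%253Dalert(1)%2526gt%253B"),
    ("/invoice/add", "title=Q1+Invoice+%3C+%3E+2+%26+3"),
]

if __name__ == "__main__":
    for f in scan_requests(SAMPLE_REQUESTS):
        print("suspicious %s in %s: %r" % (f["field"], f["path"], f["value"]))
```

Run against SAMPLE_REQUESTS the scanner reports the plain and the double-encoded payloads and leaves the two benign titles alone, including the one that uses literal angle brackets. For the active check, post the marker with your own session cookie, fetch the preview page with the same cookie, and hand the response body to rendered_unescaped; a True result means the title reaches the page as live markup.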
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting privileged accounts (moderator, manager, keeper, admin) to trusted personnel, since exploitation requires one of them, and applying a vendor patch or update that addresses this vulnerability if one is available. The durable fix is in the code: HTML-encode the 'title' value for the context it is rendered in whenever the stock, customer, or invoice modules are previewed or listed, so that stored text can never become markup; input validation on the title fields (length limits, rejection of control characters) is worthwhile as defence in depth but does not replace output encoding. Marking session cookies HttpOnly and deploying a Content Security Policy limit what an injected script can do if one slips through. Monitor and log changes to title fields and preview actions so exploitation attempts can be detected and attributed to the account that made them. [2, 3]
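The output-encoding fix beside the vulnerable pattern, as an added Python illustration (not Isshue code: the project's real templates are not on this page, so these two renderers stand in for "preview a stock, customer or invoice record"). The HTML template, TITLE_MAX_LEN and the validation rules are assumptions made for the example.

```python
"""Vulnerable and fixed renderers for a module title, as an added example.

Not Isshue code: the project's real templates are not on this page, so
these functions stand in for "preview a stock, customer or invoice
record". TITLE_MAX_LEN and the HTML template are assumptions.
"""
import html
import re

TITLE_MAX_LEN = 120                      # assumed limit, not Isshue's
_CONTROL_CHARS = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")


def validate_title(title: str) -> str:
    """Input-side check: non-empty, bounded, no control characters.

    Deliberately does not reject '<' or '>': 'Bolts <M6>' is a legitimate
    title, and blocklists of tag names are what attackers bypass. Safety
    comes from encoding at output time, below.
    """
    cleaned = title.strip()
    if not cleaned or len(cleaned) > TITLE_MAX_LEN:
        raise ValueError("title must be 1-%d characters" % TITLE_MAX_LEN)
    if _CONTROL_CHARS.search(cleaned):
        raise ValueError("title contains control characters")
    return cleaned


def render_preview_vulnerable(record: dict) -> str:
    """The CWE-79 pattern: stored text interpolated straight into HTML."""
    title = record["title"]
    return '<tr data-title="%s"><td>%s</td></tr>' % (title, title)


def render_preview_fixed(record: dict) -> str:
    """Same template with the title HTML-encoded on every interpolation.

    html.escape(quote=True) turns & < > " ' into entities, so the value
    can neither break out of the attribute nor open a tag in the cell.
    """
    safe = html.escape(record["title"], quote=True)
    return '<tr data-title="%s"><td>%s</td></tr>' % (safe, safe)


# Constructed payload of the kind the advisory describes: it closes the
# attribute, then injects a script element.
PAYLOAD = '"><script>alert(document.cookie)</script>'

if __name__ == "__main__":
    print("vulnerable:", render_preview_vulnerable({"title": PAYLOAD}))
    print("fixed:     ", render_preview_fixed({"title": PAYLOAD}))
```

The vulnerable renderer emits the payload twice as live markup, once breaking out of the data-title attribute and once inside the cell; the fixed renderer emits the same string as entities in both places, and a legitimate title such as "Bolts <M6>" still displays correctly because encoding, unlike stripping, loses nothing. In a real application the encoding belongs in the template engine's default escaping rather than in hand-written calls, so that no interpolation is forgotten.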