Hi, I found 2 security issues (a XSS and a redirect) in OpenCart version 3.0.2.0, for the security reason, I can鈥檛 post them here.
Can you provide me an email address to report them please? If possible, please provide your PGP key as well, so I can encrypt the details about this security issue when sending them.
You can reach me at [email protected]
From the README.
If you would like to report a serious security bug please PM an OpenCart moderator/administrator on the forum. Please do not report concept/ideas/unproven security flaws - all security reports are taken seriously but you must include the EXACT details steps to reproduce it. Please DO NOT post security flaws in a public location.
it will be a bullshit one that requires admin access
Hi Daniel, It won't need any permission, can I send it to you by email? @danielkerr
Hi @OmgImAlexis , I have sent a PM on the forum, but no reply, can you provide me an email address to post them? To trigger the attack, it won't need any permission.