CVE-2018-20141 (abantecart) AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel–accessories?sort= substring. Source: NIST March 21, 2019 by admin Uncategorized