[MEDIUM] EC-CUBE Cross-site scripting vulnerability

PKSA-fbnq-1prz-vy1w CVE-2021-20750 GHSA-vrpv-26fm-7vf7

Affected package: ec-cube/ec-cube

Affected version: >=4.0.0,<=4.0.5-p1|>=3.0.0,<=3.0.18-p2

Reported by:
GitHub