[MEDIUM] EC-CUBE DOM-based cross-site scripting vulnerability

PKSA-kknk-hs9h-n1jp CVE-2022-38975 GHSA-pggw-rqfm-72rh

Affected package: ec-cube/ec-cube

Affected version: >=4.0.0,<=4.1.2

Reported by:
GitHub