Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "product_info[][name]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Media Cleaner Multiple Cross-Site Scripting Vulnerabilities (2.2.6)
WebLogic CVE-2018-3250 Vulnerability (CVE-2018-3250)
Moodle DEPRECATED: Code Vulnerability (CVE-2015-3177)
Drupal Core 9.0.x Cross-Site Scripting (9.0.0 - 9.0.14)
Grafana Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-27962)