Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
MediaWiki CVE-2019-12474 Vulnerability (CVE-2019-12474)
WordPress Plugin Mini Mail Dashboard Widget Cross-Site Scripting (1.42)
PHP NULL Pointer Dereference Vulnerability (CVE-2017-9229)
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31554)
WordPress Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2020-4050)