Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE_PAYMENT_SAGE_PAY_SERVER_TEXT_TITLE)" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
Vulnerable package dependencies [high]
WordPress Plugin Wp Cookie Choice Cross-Site Request Forgery (1.1.0)
WordPress Plugin WP-Filebase Download Manager Multiple Unspecified Vulnerabilities (0.2.9.24)
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.18)
WordPress Plugin AVK-Shop Multiple Cross-Site Scripting Vulnerabilities (1.1.1)