Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "admin_firstname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
Skipper Incorrect Authorization Vulnerability (CVE-2022-34296)
Plone CMS Resource Management Errors Vulnerability (CVE-2013-4188)
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8563)
WordPress Plugin Easy Gallery Slideshow Cross-Site Scripting (1.1)
b2evolution Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3709)