Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "SKIP_CART_PAGE_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
MyBB CVE-2020-22612 Vulnerability (CVE-2020-22612)
PHP Other Vulnerability (CVE-2006-4023)
WordPress Plugin YOP Poll Multiple Cross-Site Scripting Vulnerabilities (6.3.0)
WordPress Plugin wpCommentTwit Cross-Site Request Forgery (0.5)
WordPress Plugin Listing, Classified Ads & Business Directory-uListing SQL Injection (2.0.3)