Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "ENTRY_FIRST_NAME_MIN_LENGTH_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
IBM WebSEAL Session Fixation Vulnerability (CVE-2018-1804)
Oracle Application Server Other Vulnerability (CVE-2004-1362)
WordPress Plugin Hide My WP Cross-Site Scripting (4.51.1)
IBM Lotus Domino web server Cross-Site Scripting vulnerabilities
PostgreSQL Incorrect Authorization Vulnerability (CVE-2018-10925)