Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "PACKING_SLIPS_SUMMARY_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
WordPress Plugin xili-tidy-tags Cross-Site Request Forgery (1.12.03)
Joomla Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2018-11325)
IBM RTC Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-4974)
WordPress Other Vulnerability (CVE-2007-0109)
WordPress Plugin NextMove Lite-Thank You Page for WooCommerce Security Bypass (2.17.0)