Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "derb6zmklgtjuhh2cn5chn2qjbm2stgmfa4.oastify.comscription[1][name]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
Jboss EAP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-14721)
Magento CVE-2019-8125 Vulnerability (CVE-2019-8125)
PHP Other Vulnerability (CVE-2012-3450)
Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2018-14719)
Apache Traffic Server CVE-2015-5206 Vulnerability (CVE-2015-5206)