Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "xsell_type_name[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
Perl Out-of-bounds Write Vulnerability (CVE-2023-47038)
PHP Other Vulnerability (CVE-2007-4441)
WordPress Plugin Relevanssi Premium-A Better Search Multiple Vulnerabilities (1.14.4)
Joomla Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-10238)
XWiki Improper Authentication Vulnerability (CVE-2022-36092)