Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "zone_name" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
Ruby on Rails CVE-2018-16477 Vulnerability (CVE-2018-16477)
WordPress Plugin WooCommerce Salesforce Integration Cross-Site Scripting (1.5.8)
WordPress Plugin AppPresser-Mobile App Framework Security Bypass (4.3.0)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7837)
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.7)