I tried to make a product description and add the xss script in the paragraph.
steps for reproduction
- create a new product
- enter xss in the product description paragraph, such as;
`<div> <img src>
<h4> <span> <em> <strong> (name_product) </strong></em></span> </h4>
</div> ``
Impact
xss can be triggered