Cross site scripting

2023-09-3002:15:00

PRIOn knowledge base

www.prio-n.com

cross-site scripting

os commerce

nvd

injection

unauthorized execution

web browser

0.0005 Low

EPSS

Percentile

18.4%

JSON

Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the “title” parameter,
potentially leading to unauthorized execution of scripts within a user’s web browser.

CPENameOperatorVersion
oscommerceeq4.12.56860

CPE	Name	Operator	Version
	oscommerce	eq	4.12.56860

References

fluidattacks.com/advisories/bts/

www.oscommerce.com/

0.0005 Low

EPSS

Percentile

18.4%

JSON

Related for PRION:CVE-2023-43704