CVE-2024-58322

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious code into shipping options configuration. This could lead to potential theft of sensitive data by executing malicious scripts in users' browsers...

CVE-2024-58322

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious code into shipping options configuration. This could lead to potential theft of sensitive data by executing malicious scripts in users' browsers...

CVE-2024-58322 Kentico Xperience <= 13.0.158 Shipping Options Stored XSS

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious code into shipping options configuration. This could lead to potential theft of sensitive data by executing malicious scripts in users' browsers...

CVE-2024-58322

Kentico Xperience CVE-2024-58322 is a stored XSS in the shipping options configuration. Affected component is the ecommerce.shippingoption form; the underlying issue is improper handling of user-supplied data in shipping option fields (description, carrier display name). Remediation provided in s...

CVE-2024-58322 Kentico Xperience <= 13.0.158 Shipping Options Stored XSS

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious code into shipping options configuration. This could lead to potential theft of sensitive data by executing malicious scripts in users' browsers...

PT-2025-52329

Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A stored cross-site scripting issue exists in Kentico Xperience. This allows attackers to inject malicious code into shipping options configuration. Successful exploitation could...

Malicious Package

Overview xo-shipping-options is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2025-36753

Malicious code in xo-shipping-options npm...

MAL-2025-49070 Malicious code in xo-shipping-options (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c21e6f808603d3ee1f0107b9f7e0a2fbf9f420f9ac6004090593f7fab29c6e92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in xo-shipping-options (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c21e6f808603d3ee1f0107b9f7e0a2fbf9f420f9ac6004090593f7fab29c6e92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...