CVE-2021-47892 PEEL Shopping 9.3.0 - 'Comments/Special Instructions' Stored Cross-Site Scripting

PEEL Shopping 9.3.0 contains a stored cross-site scripting vulnerability in the 'Comments / Special Instructions' parameter of the purchase page. Attackers can inject malicious JavaScript payloads that will execute when the page is refreshed, potentially allowing client-side script execution...

PEEL Shopping Cross-site Scripting Vulnerability

PEEL Shopping is an e-commerce platform operated by the French company PEEL. Version 9.3.0 of PEEL Shopping contains a cross-site scripting vulnerability. This vulnerability stems from improper cleaning of the Comments/Special Instructions parameter, which may lead to storage-based cross-site...