CVE-2023-43706
OS Commerce is affected by a Cross-Site Scripting (XSS) vulnerability. The issue allows an attacker to inject JavaScript via the email_templates_key parameter, potentially enabling script execution in a user’s browser. Affected product: Os Commerce (4.12.x variants cited in CVE records). Root cau...