3 matches found
CVE-2023-43717
creationtimestamp| type| source ---|---|--- 2023-10-01 02:39:07+00:00| seen| https://t.me/cibsecurity/71369...
CVE-2023-43717 Os Commerce 4.12.56860 - Cross Site Scripting Reflected (XSS)
Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "MSEARCHHIGHLIGHTENABLETITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...
CVE-2023-43717
OsCommerce (4.x era) has a Cross-Site Scripting (XSS) vulnerability in the MSEARCH_HIGHLIGHT_ENABLE_TITLE[1] parameter, allowing injected JavaScript to run in a user’s browser. Sources across NVD/NVD mirror entries describe the flaw but do not specify a fixed patch/version. The provided documents...