CVE-2023-43726
CVE-2023-43726 affects OsCommerce (notably version 4.12.56860 per CVE listing). The vulnerability is a reflected XSS that allows an attacker to inject JavaScript via the parameter orders_products_status_manual_name_long[1], potentially resulting in unauthorized script execution in a user’s browse...