CVE-2023-43728
CVE-2023-43728 affects OsCommerce with a reflected XSS in the stock_delivery_terms_text[1] parameter. The vulnerability enables injection of JavaScript in a user’s browser, potentially compromising session security or user data. Documented impact is XSS with low to moderate CVSS factors (UI:R, Pr...