CVE-2023-46495
CVE-2023-46495 describes a Cross Site Scripting vulnerability in EverShop NPM prior to version 1.0.0-rc.8. A remote attacker can obtain sensitive information by crafting requests to the sortBy parameter. The connected records consistently identify the affected product as EverShop NPM and indicate...