CVE-2024-56173

Optimizely Configured Commerce (before 5.2.2408) is affected by a stored XSS vulnerability: malicious payloads can be stored and later executed in users’ browsers via JavaScript in an SVG document under certain conditions. Root cause: XSS in SVG handling. Impact is browser-side compromise of affe...