CVE-2024-4859

Solidus = 4.3.4 is affected by a Stored Cross-Site Scripting vulnerability in the order tracking URL...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the order tracking URL. An attacker can manipulate the web page content or hijack user sessions by injecting malicious scripts. Details Cross-site scripting or XSS is a code vulnerability that occurs whe...

PT-2024-33157 · Solidus · Solidus

Name of the Vulnerable Software and Affected Versions: Solidus versions prior to 4.3.5 Description: The issue is related to a Stored Cross-Site Scripting vulnerability in the order tracking URL. Recommendations: For versions prior to 4.3.5, update to version 4.3.5 or later to resolve the issue...