CVE-2023-43721

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "PACKINGSLIPSSUMMARYTITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43721

CVE-2023-43721 refers to an XSS vulnerability in OsCommerce where an attacker can inject JavaScript via the parameter PACKING_SLIPS_SUMMARY_TITLE[1] . The CVSS v3.1 base score is 5.4 (Medium) with an attack vector of Network , require low privileges, and user interaction, affecting confidentialit...