2 matches found
Cross-site Scripting (XSS)
Overview Kentico.Xperience.Libraries is a package for libraries and applications that use Kentico Xperience API. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the shipping options configuration form in the E-commerce module ecommerce.shippingoption. An...
CVE-2023-43710
Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "configurationtitle1MODULESHIPPINGPERCENTTEXTTITLE" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...