CVE-2022-35212

osCommerce2 before v2.3.4.1 was discovered to contain a cross-site scripting XSS vulnerability via the function tepdberror...

PT-2022-22632 · Unknown · Oscommerce

Name of the Vulnerable Software and Affected Versions: osCommerce2 versions prior to 2.3.4.1 Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability can be exploited via the tep db error function. Recommendations: For versions prior to 2.3.4.1, update to...