Description
osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user entering the XSS payload into the title section of newsletters.
Remediation
References
Related Vulnerabilities
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cloaking (2.2.9)
WordPress Plugin Simple File List Arbitrary File Deletion (4.2.7)
WordPress Plugin WooCommerce PDF Invoice Bulk Download Cross-Site Scripting (1.0.0)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1158)