Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "admin_firstname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
WordPress Plugin ARI Adminer-WordPress Database Manager Cross-Site Request Forgery (1.1.13)
Apache HTTP Server Other Vulnerability (CVE-2003-0134)
WordPress Plugin Fourteen Extended Cross-Site Scripting (1.2.31)
Coppermine Improper Authentication Vulnerability (CVE-2005-3979)
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2660)