Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "ENTRY_FIRST_NAME_MIN_LENGTH_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
LimeSurvey Improper Certificate Validation Vulnerability (CVE-2019-16179)
Apache HTTP Server Other Vulnerability (CVE-2002-0843)
MySQL CVE-2015-0508 Vulnerability (CVE-2015-0508)
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8393)