Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "BILLING_GENDER_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
WordPress Plugin Twenty20 Image Before-After Cross-Site Scripting (1.5.9)
Joomla! Core Directory Traversal (2.5.0 - 3.9.22)
WordPress Plugin Strong Testimonials Multiple Cross-Site Scripting Vulnerabilities (2.31.4)
Jenkins Other Vulnerability (CVE-2021-21697)
WordPress Plugin VDZ Google Analytics or Google Tag Manager/GTM Cross-Site Scripting (1.5.5)