Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "stock_delivery_terms_text[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Photo Album Plus 'wppa-album' Parameter SQL Injection (4.1.1)
WordPress Plugin Get Recent Comments Cross-Site Scripting (2.0.6)
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-35133)
WordPress Plugin Backup Migration Information Disclosure (1.3.5)
WordPress Plugin Activity Log Multiple Cross-Site Scripting Vulnerabilities (2.3.2)