Description
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "formats_titles[7]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Remediation
References
Related Vulnerabilities
WordPress Plugin CheetahO Image Compression and Optimizer Unspecified Vulnerability (1.4.2.1)
MySQL Other Vulnerability (CVE-2009-0819)
WordPress Plugin Feed Statistics Open Redirect (3.0)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17267)
WordPress Plugin WP Social Feed Gallery Cross-Site Request Forgery (2.4.7)