CVE-2023-43723 in Os Commerceالمعلومات

الملخص

بحسب MITRE • 25/10/2023

Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "orders_status_name[1]" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

مسؤول

Fluid Attacks

حجز

21/09/2023

إفشاء

25/10/2023

الاعتدال

تمت الموافقة

إدخال

VDB-241009

EPSS

0.00431

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you know our Splunk app?

Download it now for free!