Oscommerce: >> Oscommerce Security Vulnerabilities
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "CatalogsPageDescriptionForm[1][name]
" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-30
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE_PAYMENT_SAGE_PAY_SERVER_TEXT_TITLE)" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-30
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE)" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-30
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "configuration_title[1][MODULE_SHIPPING_PERCENT_TEXT_TITLE]" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-30
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "admin_firstname" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-30
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "tracking_number" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-30
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "product_info[][name]" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-30
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "title" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-30
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "translation_value[1]" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-30
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "email_templates_key" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-30