Headline
CVE-2023-43706: Os Commerce - Cross Site Scripting Reflected (XSS) | Advisories | Fluid Attacks
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the “email_templates_key” parameter, potentially leading to unauthorized execution of scripts within a user’s web browser.
Hacking software for over 20 years
Fluid Attacks tests applications and other systems, covering all software development stages. Our team assists clients in quickly identifying and managing vulnerabilities to reduce the risk of incidents and deploy secure technology.