Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28449

April 26, 2022, 9:15 p.m. |

National Vulnerability Database nist.gov

nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). At Apply for vendor account feature, an attacker can upload an arbitrary file to the system.

cve

Software Engineering Lead, Application Security

@ Hotjar | Remote

Mentor - Cyber Security Career Track (Part-time/Remote)

@ Springboard | Remote

Project Manager Data Privacy and IT Security (d/m/f)

@ Bettermile | Hybrid, Berlin

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

Network Architect

@ Earthjustice | Remote, US

DevOps Application Administrator

@ University of Michigan - ITS | Ann Arbor, MI

Threat Analyst (WebApp)

@ Patchstack | Remote, EU Only

NIST Compliance Specialist

@ Coffman Engineers, Inc. | Seattle, WA

Senior Cybersecurity Advisory Consultant (Argentina)

@ Culmen International LLC | Buenos Aires, Argentina

Information Security Administrator

@ Peterborough Victoria Northumberland and Clarington Catholic District School Board | Peterborough, Ontario

Senior SOC Analyst - REMOTE

@ XOR Security | Falls Church, Virginia

Cyber Intelligence Analyst

@ FWG Solutions, Inc. | Shaw AFB, SC