Sept. 30, 2023, 11:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the "name" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.

attackers browser commerce cross-site cve inject name parameter scripting scripts vulnerability web web browser xss

Deputy Chief Information Security Officer

@ United States Holocaust Memorial Museum | Washington, DC

Humbly Confident Security Lead

@ YNAB | Remote

Information Technology Specialist II: Information Security Engineer

@ WBCP, Inc. | Pasadena, CA.

Director of the Air Force Cyber Technical Center of Excellence (CyTCoE)

@ Air Force Institute of Technology | Dayton, OH, USA

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

IT-Security Analyst "Managed Cloud" Fokus MS-Sentinel (m/w/d)*

@ GISA GmbH | Halle, DE