CVE-2023-43724 Information

Description

Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the \derb6zmklgtjuhh2cn5chn2qjbm2stgmfa4.oastify.comscription[1][name]\ parameter potentially leading to unauthorized execution of scripts within a user’s web browser.

Reference

https://fluidattacks.com/advisories/bts/ https://www.oscommerce.com/