Vulnerabilities > CVE-2023-43704 - Unspecified vulnerability in Oscommerce 4.12.56860
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |