Vulnerabilities > CVE-2023-43710 - Unspecified vulnerability in Oscommerce 4.12.56860
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1][MODULE_SHIPPING_PERCENT_TEXT_TITLE]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |