Vulnerabilities > CVE-2023-4406 - Unspecified vulnerability in KC Group E-Commerce Software Project KC Group E-Commerce Software
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KC Group E-Commerce Software allows Reflected XSS.This issue affects E-Commerce Software: through 20231123. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |