Vulnerabilities > KC Group E Commerce Software Project > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-23	CVE-2023-4406	Cross-site Scripting vulnerability in KC Group E-Commerce Software Project KC Group E-Commerce Software Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KC Group E-Commerce Software allows Reflected XSS.This issue affects E-Commerce Software: through 20231123. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. network low complexity kc-group-e-commerce-software-project CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.