CVE-2024-38963

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

Nopcommerce 4.70.1 is vulnerable to Cross Site Scripting (XSS) via the combined "AddProductReview.Title" and "AddProductReview.ReviewText" parameter(s) (Reviews) when creating a new review.

nopSolutions/nopCommerce
nopSolutions/nopCommerce
ASP.NET Core eCommerce software. nopCommerce is a free and open-source shopping cart.
GitHubGitHub
10.1K
iamtron01/Vulnerability-Research
iamtron01/Vulnerability-Research
GitHubGitHub