Security Advisory

CVE-2022-28449

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-26 20:02:42

Last updated 2024-08-03 05:56:15

Assigner mitre

State PUBLISHED

Description

nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). At Apply for vendor account feature, an attacker can upload an arbitrary file to the system.

← Browse all CVEs View on cve.org ↗