Security Advisory

CVE-2022-28450

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-26 20:05:46

Last updated 2024-08-03 05:56:15

Assigner mitre

State PUBLISHED

Description

nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS) via the "Text" parameter (forums) when creating a new post, which allows a remote attacker to execute arbitrary JavaScript code at client browser.

← Browse all CVEs View on cve.org ↗