Security Advisory

CVE-2024-38963

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-09 00:00:00

Last updated 2024-08-02 04:19:20

Assigner mitre

State PUBLISHED

Description

Nopcommerce 4.70.1 is vulnerable to Cross Site Scripting (XSS) via the combined "AddProductReview.Title" and "AddProductReview.ReviewText" parameter(s) (Reviews) when creating a new review.

← Browse all CVEs View on cve.org ↗