2026-01-12 11:28:35
INCIBE
PUBLISHED
Stored Cross-Site Scripting (XSS) vulnerability in WorkDos eCommerceGo SaaS, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request to ‘/ticket/x/conversion’, using the ‘reply_description’ parameter.