Cross Site Scripting (XSS) Vulnerability in nopCommerce 4.50.1

Cross Site Scripting (XSS) Vulnerability in nopCommerce 4.50.1

CVE-2022-28448 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). An attacker (role customer) can inject javascript code to First name or Last name at Customer Info.

Learn more about our Web Application Penetration Testing UK.