Michael Byrd

1 exploit Active since Jul 2024
CVE-2024-38963 WRITEUP MEDIUM WRITEUP
nopcommerce 4.70.1 - Stored Cross-Site Scripting via AddProductReview.Title and AddProductReview.ReviewText Parameters
Nopcommerce 4.70.1 is vulnerable to Cross Site Scripting (XSS) via the combined "AddProductReview.Title" and "AddProductReview.ReviewText" parameter(s) (Reviews) when creating a new review.
CVSS 6.1