Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-28449

Disclosure Date: April 26, 2022 (last updated February 23, 2025)
nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). At Apply for vendor account feature, an attacker can upload an arbitrary file to the system.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0