In Optimizely Configured Commerce before 5.2.2408,...
Moderate severity
Unreviewed
Published
Dec 18, 2024
to the GitHub Advisory Database
•
Updated Dec 18, 2024
Description
Published by the National Vulnerability Database
Dec 18, 2024
Published to the GitHub Advisory Database
Dec 18, 2024
Last updated
Dec 18, 2024
In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from JavaScript in an SVG document.
References