Kdrypr

**Name of the Vulnerable Software and Affected Versions** Your Online Shop version 1.8.0 **Description** The issue allows authenticated users to trigger a cross-site scripting (XSS) attack via specific operations, such as changing a name or surname. **Recommendations** For version 1.8.0, update to a newer version that contains a fix for this issue, if available. As a temporary workaround, consider restricting access to the name and surname change operations until a patch is available.