CVE-2022-43696

Name of the Vulnerable Software and Affected Versions OX App Suite versions prior to 7.10.6-rev20

Description The issue allows for cross-site scripting (XSS) attacks via upsell ads. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For versions prior to 7.10.6-rev20, update to version 7.10.6-rev20 or later to resolve the issue. As a temporary workaround, consider disabling upsell ads until a patch is available. Restrict access to potentially vulnerable areas of the application to minimize the risk of exploitation.