CVE-2023-47309

Name of the Vulnerable Software and Affected Versions Nukium nkmgls versions prior to 3.0.2

Description The issue is related to Cross Site Scripting (XSS) and can be exploited via the displayAjaxSavePhoneMobile function in the NkmGlsCheckoutModuleFrontController. This allows for potential malicious script execution.

Recommendations For versions prior to 3.0.2, update to version 3.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the NkmGlsCheckoutModuleFrontController to minimize the risk of exploitation.