CVE-2022-50941

Name of the Vulnerable Software and Affected Versions BootCommerce version 3.2.1

Description The software contains input validation issues that permit remote attackers to inject malicious script code through guest order checkout input fields. Exploitation of unvalidated input parameters could allow attackers to execute arbitrary scripts, potentially leading to session hijacking, phishing attacks, and application module manipulation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.