Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2023-43702 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "tracking_number" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43703 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "product_info[][name]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43704 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43705 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "translation_value[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43706 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "email_templates_key" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43707 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "CatalogsPageDescriptionForm[1][name] " parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43708 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE_PAYMENT_SAGE_PAY_SERVER_TEXT_TITLE)" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43709 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE)" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43710 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1][MODULE_SHIPPING_PERCENT_TEXT_TITLE]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43711 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "admin_firstname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43712 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "access_levels_name" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43713 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability, which allows attackers to inject JS via the "title" parameter, in the "/admin/admin-menu/add-submit" endpoint, which can lead to unauthorized execution of scripts in a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43714 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "SKIP_CART_PAGE_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43715 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "ENTRY_FIRST_NAME_MIN_LENGTH_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43716 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "MAX_DISPLAY_NEW_PRODUCTS_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43717 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "MSEARCH_HIGHLIGHT_ENABLE_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43718 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "MSEARCH_ENABLE_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43719 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "SHIPPING_GENDER_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43720 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "BILLING_GENDER_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43721 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "PACKING_SLIPS_SUMMARY_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |