Vulnerability CVE-2023-4406


Published: 2023-11-23

Description:
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KC Group E-Commerce Software allows Reflected XSS.This issue affects E-Commerce Software: through 20231123. 

NOTE: The vendor was contacted early about this disclosure but did not respond in any way.



Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://https://www.usom.gov.tr/bildirim/tr-23-0657

Copyright 2026, cxsecurity.com

 

Back to Top