← Back to CVE List
CVE-2023-26688
Cross Site Scripting (XSS) vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the product_data parameter of add/edit product in the administration interface.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt