Medium severity6.1NVD Advisory· Published Apr 26, 2022· Updated Jun 17, 2026
CVE-2022-28449
CVE-2022-28449
Description
nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). At Apply for vendor account feature, an attacker can upload an arbitrary file to the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- nopCommerce/nopCommercedescription
- Range: =4.50.1
Patches
Vulnerability mechanics
References
1- github.com/nopSolutions/nopCommerce/issues/6192nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.