Medium severity5.4NVD Advisory· Published Apr 26, 2022· Updated Jun 17, 2026
CVE-2022-28450
CVE-2022-28450
Description
nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS) via the "Text" parameter (forums) when creating a new post, which allows a remote attacker to execute arbitrary JavaScript code at client browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- nopCommerce/nopCommercedescription
- Range: =4.50.1
Patches
Vulnerability mechanics
References
1- github.com/nopSolutions/nopCommerce/issues/6194nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.