Medium severity6.4NVD Advisory· Published Feb 1, 2026· Updated Apr 15, 2026
CVE-2022-50941
CVE-2022-50941
Description
BootCommerce 3.2.1 contains persistent input validation vulnerabilities that allow remote attackers to inject malicious script code through guest order checkout input fields. Attackers can exploit unvalidated input parameters to execute arbitrary scripts, potentially leading to session hijacking, phishing attacks, and application module manipulation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 3.2.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.