Security Advisories - PKSA-6m1x-w3qg-gqvr - Packagist

PKSA-6m1x-w3qg-gqvr Security Advisory

[MEDIUM] OroCommerce Cross-site Scripting vulnerability in add note dialog of Shopping List line item

PKSA-6m1x-w3qg-gqvr CVE-2022-35950 GHSA-2jc6-3fhj-8q84

Affected package: oro/commerce

Affected version: >=5.1.0,<5.1.1|>=5.0.0,<5.0.11|>=4.2.0,<=4.2.10|>=4.1.0,<=4.1.13

Reported by:
GitHub