[MEDIUM] Craft Commerce has stored XSS in Inventory Location Name

PKSA-9385-f9kj-gpgr CVE-2026-29176 GHSA-wj89-2385-gpx3

Affected package: craftcms/commerce

Affected version: >=5.0.0,<=5.5.2

Reported by:
GitHub