Cross-site scripting (XSS) vulnerability in the getRecommSearch function in recommlist.php in OXID eShop before 4.6.7, Professional and Community Edition 4.7.x before 4.7.8, and Enterprise Edition. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
PHP
XSS
Eshop
NVD
CVSS 2.0
4.3
EPSS
0.4%