These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2023-3653 is a stored cross-site scripting (XSS) vulnerability in Digital Ant E-Commerce Software affecting versions before 11. The NVD record classifies it as CWE-79 and assigns CVSS 3.1 5.4/Medium with network attack, low privileges, and user interaction required.
CVE-2023-3652 is a reflected cross-site scripting (XSS) issue in Digital Ant E-Commerce Software affecting versions before 11. The NVD record classifies it as CWE-79 and rates it CVSS 6.1 (medium). Because the vector includes user interaction and scope change, the practical risk is strongest where attackers can lure users into loading crafted web content in an affected application flow.
CVE-2023-3651 is a critical SQL injection vulnerability in Digital Ant E-Commerce Software affecting versions before 11. The issue is rated CVSS 3.1 9.8 and is network-exploitable with no privileges or user interaction required. Based on the CVSS vector and the CWE classification, successful exploitation could expose, alter, or disrupt sensitive application data. Organizations running affected Digital Ant [truncated]