Critical Vulnerability Information Researcher This vulnerability was discovered by @yuyudhn. Description The search page in Helmet Store Showroom v1.0 does not escape the search value, which could allow non-privileged users to perform Cross-Site Scripting (XSS) attacks. This vulnerability has not been known to be fixed yet. Details Proof of Concept PoC References CVE-2022-46073 - CVE.org CVE-2022-46073 - NIST NVD CVE-2022-46073 - Tenable