CVE-2023-41710 — User-defined script code could be stored for a upsell related shop URL. This code was not correctly sanitized when adding it to DOM. Attackers could lure victims to user accounts with malicious script — CVE Database · The Intelligence Room