Craft Commerce has Stored XSS in Tax Categories (Name & Description) Fields Leading to Potential Privilege Escalation

Moderate severity GitHub Reviewed Published Feb 2, 2026 in craftcms/commerce • Updated Feb 3, 2026

No open alerts for this advisory

Give feedback on Dependabot alerts