Package impact
Packagist:https://packages.drupal.org/8 / drupal/commerce
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-10769 | unknown | — | — | 17h ago | The module doesn't sufficiently sanitize customer comments in the order receipt email template; this could be exploited to achieve Cross-site Scripting (XSS). This vulnerability is mitigated by the … |