megaphone
Update your Profile with your Support type to get your Support Type badge.
Nominate Your Peers for NetSuite Support Community's Choice of the Quarter! Submit your nomination today.
Stay in the know of how NetSuite can help grow your business with our guides, webinars, and events. Subscribe Here
What Topic Should We Cover Next? Your idea could be our next feature—drop your suggestion now!
No Limits. Just possibilities. Join us for complimentary one-day events around the world and step into a future fueled by AI and limitless potential. Discover what's next at SuiteConnect Tour 2026.
Try Intelligent Payment Automation – Fee Free For Your First Month For more information, visit this thread.
New AI Community Guidelines. Please review and follow them to ensure AI use stays safe, accurate, and compliant.
Expand your NetSuite knowledge by joining our Ask A Guru Live sessions. RSVP on this event now.
Don't miss out on our Pop Quiz! You only have until tomorrow, April 21, 2026, 2:00PM ET to comment your answers.

Discussions
Stay up-to-date with the latest news from NetSuite. You’ll be in the know about how to connect with peers and take your business to new heights at our virtual, in-person, on demand events, and much more.
New AI Community Guidelines. Please review and follow them to ensure AI use stays safe, accurate, and compliant.

Elbrus : Cross-site Scripting Issue

in Announcements 
SuiteCommerce Advanced sites may be vulnerable to Cross-site Scripting (XSS) issues. XSS vulnerability means malicious third parties could use your SuiteCommerce Advanced website to attack your users. If you are vulnerable, you must apply a patch to your SuiteCommerce Advanced code to protect your site.

Does this issue apply to my website?

If you are using an unpatched version of one of the below Suite Commerce Advanced (SCA) releases, you are vulnerable.

The SCA releases listed below contain an XSS vulnerability in the original template code. Once you install an SCA template, you likely modified it for your specific website needs; we have not evaluated your specific code to determine whether you have modified the original reference code in a way which would have previously resolved this vulnerability.

Regards,

@Robert Nedelkow-Oracle | NetSuite Support Community Administrator

Don't forget to join this month's Ask A Guru Live about Suitebuilder. RSVP for this event now!

ask-an-expert-live.gif

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!

Leaderboard

Community Whiz

Quarter 2 (Apr-Jun 2026)

This Week's Leaders

This Month's Leaders

All Time Leaders