May 04 2021 XSS in the wild: JavaScript-stuffed orders used to compromise Japanese e-commerce sites

Source

Website vulnerabilities abused in new hacking campaign [...]