CVE-2025-7567 | ShopXO up to 6.5.0 header.html lang cross site scripting (Issue 89)

Inserito da Angelo Barbosa | Lug 12, 2025 | CVE

A vulnerability was found in ShopXO up to 6.5.0 and classified as problematic. This issue affects some unknown processing of the file header.html. The manipulation of the argument lang leads to cross site scripting.

The identification of this vulnerability is CVE-2025-7567. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-7567 | ShopXO up to 6.5.0 header.html lang cross site scripting (Issue 89)

Post correlati

CVE-2024-5338 | Ruijie RG-UAC up to 20240516 online.php peernode os command injection

CVE-2024-10458 | Mozilla Firefox up to 131 permission

CVE-2024-53719 | onigetoc Zajax Plugin up to 0.4 on WordPress cross-site request forgery

CVE-2025-48187 | infiniflow ragflow up to 0.18.1 excessive authentication