CVE-2025-66845 | TechStore 1.0 Query Parameter user_name ID cross site scripting

Inserito da Angelo Barbosa | Dic 23, 2025 | CVE

A vulnerability classified as problematic has been found in TechStore 1.0. This issue affects the function user_name of the component Query Parameter Handler. The manipulation of the argument ID leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-66845. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-66845 | TechStore 1.0 Query Parameter user_name ID cross site scripting

Post correlati

CVE-2022-49428 | Linux Kernel up to 5.15.45/5.17.13/5.18.2 null pointer dereference

CVE-2024-10072 | ESAFENET CDG 5 EncryptPolicyService.java actionAddEncryptPolicyGroup checklist sql injection

CVE-2024-57765 | MSFM prior 2025.01.01 table/list s_name sql injection

CVE-2025-26507 | HP LaserJet Pro stack-based overflow