CVE-2025-47289 | CE-PhoenixCart up to 1.0.9.9/1.1.0.2/1.1.0.3 testimonial description cross site scripting (GHSA-98qq-m8qj-vvgj)

Inserito da Angelo Barbosa | Giu 2, 2025 | CVE

A vulnerability was found in CE-PhoenixCart PhoenixCart up to 1.0.9.9/1.1.0.2/1.1.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument testimonial description leads to cross site scripting.

This vulnerability is handled as CVE-2025-47289. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-47289 | CE-PhoenixCart up to 1.0.9.9/1.1.0.2/1.1.0.3 testimonial description cross site scripting (GHSA-98qq-m8qj-vvgj)

Post correlati

CVE-2024-11451 | Zooom Plugin up to 1.1.0 on WordPress cross site scripting

CVE-2024-30928 | jeffpiazza DerbyNet 9.0 query.slide.next.inc classids sql injection

CVE-2020-11847 | OpenText Privileged Access Manager up to 3.7.0.0 PAM Server os command injection

CVE-2025-5885 | Konica Minolta bizhub up to 20250202 cross-site request forgery