CVE-2025-66845 | TechStore 1.0 Query Parameter user_name ID cross site scripting

Inserito da Angelo Barbosa | Dic 23, 2025 | CVE

A vulnerability classified as problematic has been found in TechStore 1.0. This issue affects the function user_name of the component Query Parameter Handler. The manipulation of the argument ID leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-66845. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-66845 | TechStore 1.0 Query Parameter user_name ID cross site scripting

Post correlati

CVE-2025-53482 | IPInfo Extension up to 1.39.12/1.42.6/1.43.1 on Mediawiki cross site scripting

CVE-2025-22827 | WP Joomag Plugin up to 2.5.2 on WordPress cross site scripting

CVE-2024-26304 | Aruba ArubaOS 8.10.0.11/8.11.2.2/10.4.1.1/10.5.1.1 L2-L3 Management Service buffer overflow (ARUBA-PSA-2024-004)

CVE-2025-22882 | Delta Electronics ISPSoft up to 3.20 CBDGL File Parser stack-based overflow (PCSA-2025-00004)