CNNVD-202508-180 Information

CNNVD ID

CNNVD-202508-180

Related CVE

CVE-2025-8506

• CNNVD Published: 2025-08-03

Description (Chinese)

wx-shop是冯志辉（495300897）个人开发者的一款微信小程序简易商城。 wx-shop存在代码注入漏洞，该漏洞源于文件/user/editUI的错误操作导致跨站脚本。

Description (English)

Wx-shop is a small shop of micro-trust programs for individual developers of Feng Chihui (495300897). wx-shop has a code-infusion loophole, which results from the error of the file/user/editUI, resulting in a cross-site script.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2025-08-03

Last Modified

2026-02-24

References

https://vuldb.com/?id.318605 https://vuldb.com/?submit.627323 https://vuldb.com/?ctiid.318605 https://github.com/Bemcliu/cve-reports/blob/main/cve-07-wx-shop-Stored%20XSS/readme.md https://access.redhat.com/security/cve/cve-2025-8506