CNNVD-202509-3553 Information

CNNVD ID

CNNVD-202509-3553

Related CVE

CVE-2025-59413

• CNNVD Published: 2025-09-22

Description (Chinese)

CubeCart是CubeCart开源的一个电子商务软件。 CubeCart 6.5.11之前版本存在安全漏洞，该漏洞源于newsletter subscription端点存在逻辑缺陷，可能导致未经用户同意取消订阅。

Description (English)

CubeCart is an e-commerce software source for CubeCart. There was a security loophole in the pre-CubeCart 6.5.11 version, which stemmed from a logical defect at the end of the newsletter subscription, which could lead to the cancellation of the subscription without the consent of the user.

Hazard Level

High

Vulnerability Type

其他

Published

2025-09-22

Last Modified

2026-02-24

References

https://github.com/cubecart/v6/commit/7fd1cd04f5d5c3ce1d7980327464f0ff6551de79 https://github.com/cubecart/v6/commit/db965fcfa260c4f17eb16f8c5494e5af4a8ac271 https://github.com/cubecart/v6/commit/dbc58cf1f7a6291f7add5893b56bff7920a29128 https://github.com/cubecart/v6/security/advisories/GHSA-869v-gjv8-9m7f

Patch

https://www.cubecart.com/