CNNVD-202509-3559 Information

CNNVD ID

CNNVD-202509-3559

Related CVE

CVE-2025-59412

• CNNVD Published: 2025-09-22

Description (Chinese)

CubeCart是CubeCart开源的一个电子商务软件。 CubeCart 6.5.11之前版本存在安全漏洞，该漏洞源于产品评论功能未正确清理用户输入，可能导致跨站脚本攻击。

Description (English)

CubeCart is an e-commerce software source for CubeCart. The previous version of CubeCart 6.5.11 had a security loophole, which stemmed from the product comment function ’ s incorrect clean-up of user input, which could result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Published

2025-09-22

Last Modified

2026-02-24

References

https://github.com/cubecart/v6/commit/1a0c0d8f6c9c141575eb5be07d04e7d49820005b https://github.com/cubecart/v6/commit/7d4bf593304332fa1258d4f0b10dd7c9f6283a86 https://github.com/cubecart/v6/security/advisories/GHSA-qfrx-vvvp-h5m2

Patch

https://www.cubecart.com/