CNNVD-202510-032 Information

CNNVD ID

CNNVD-202510-032

Related CVE

CVE-2025-60991

• CNNVD Published: 2025-10-01

Description (Chinese)

Codazon Magento Themes是Codazon公司的一系列Magento平台专用网站主题与模板。 Codazon Magento Themes v1.1.0.0版本至v2.4.7版本存在安全漏洞，该漏洞源于对cat参数清理和转义不足，可能导致反射型跨站脚本攻击。

Description (English)

Codazon Magento Themes is a series of magento platform-specific web themes and templates for Codazon. There is a security loophole between versions Codazon Magento Themes v1.1.0.0 and v. 2.4.7, which stems from inadequate clean-up and transposition of the cat parameters and may result in a cross-script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Codazon

Published

2025-10-01

Last Modified

2026-02-24

References

https://codazon.com https://github.com/ShadowByte1/CVE-Reports/blob/main/CVE-2025-60991.md https://github.com/shadowByte1