CNNVD-202511-767 Information

CNNVD ID

CNNVD-202511-767

Related CVE

CVE-2025-63543

• CNNVD Published: 2025-11-07

Description (Chinese)

TechStore Pro是nooncarlett个人开发者的一个电子商务平台。 TechStore Pro 1.0版本存在安全漏洞，该漏洞源于/search_results端点中参数q未经验证，可能导致跨站脚本攻击。

Description (English)

TechStore Pro is an e-commerce platform for nononcarlett personal developers. There is a security loophole in version TechStore Pro 1.0, which originates from the unverified parameter q in the /search results endpoint, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-11-07

Last Modified

2026-02-24

References

https://gist.github.com/LuigiGrimaldi/5e9e66b12973bddd35f933a6d0cd2730 https://access.redhat.com/security/cve/cve-2025-63543