CNNVD-202512-2785 Information

CNNVD ID

CNNVD-202512-2785

Related CVE

CVE-2025-65593

• CNNVD Published: 2025-12-16

Description (Chinese)

nopCommerce是nopCommerce公司的一套开源的通用电子商务平台。 nopCommerce 4.90.0版本存在安全漏洞，该漏洞源于Schedule Tasks功能存在跨站请求伪造。

Description (English)

NopCommerce is an open-source common e-commerce platform for noopCommerce. There is a security loophole in version 4.90.0 of nopCommerce, which stems from the existence of a cross-site request for forgery of the Scheduule Tasks function.

Hazard Level

High

Vulnerability Type

其他

Published

2025-12-16

Last Modified

2026-02-24

References

https://seclists.org/fulldisclosure/2025/Dec/20 https://www.nopcommerce.com/ http://seclists.org/fulldisclosure/2025/Dec/20

Patch

https://www.nopcommerce.com/en/download-nopcommerce