CNNVD-202512-2788 Information

CNNVD ID

CNNVD-202512-2788

Related CVE

CVE-2025-65591

• CNNVD Published: 2025-12-16

Description (Chinese)

nopCommerce是nopCommerce公司的一套开源的通用电子商务平台。 nopCommerce 4.90.0版本存在安全漏洞，该漏洞源于Currencies功能存在跨站脚本。

Description (English)

NopCommerce is an open-source common e-commerce platform for noopCommerce. There is a security loophole in version 4.90.0 of nopCommerce, which stems from the existence of a cross-site script for the Currence function.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

nopCommerce

Published

2025-12-16

Last Modified

2026-02-24

References

https://seclists.org/fulldisclosure/2025/Dec/18 https://www.nopcommerce.com/ http://seclists.org/fulldisclosure/2025/Dec/18

Patch

https://www.nopcommerce.com/en/download-nopcommerce