CVE-2025-65589 | nopCommerce 4.90.0 Attributes Name cross site scripting

December 16, 2025 Yanac

A vulnerability was found in nopCommerce 4.90.0 and classified as problematic. Impacted is an unknown function of the component Attributes Handler. Such manipulation of the argument Name leads to cross site scripting.

This vulnerability is traded as CVE-2025-65589. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-65592 | nopCommerce 4.90.0 Product Management Product Name/Short Description cross site scripting
CVE-2025-11369 | Gutenberg Essential Blocks Plugin up to 5.7.2 on WordPress get_instagram_access_token_callback authorization