CVE-2025-40977 | WorkDo eCommerceGo SaaS POST Request /store-ticket subject/description cross site scripting

A vulnerability described as problematic has been identified in WorkDo eCommerceGo SaaS. This vulnerability affects unknown code of the file /store-ticket of the component POST Request Handler. The manipulation of the argument subject/description results in cross site scripting.

This vulnerability is cataloged as CVE-2025-40977. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More