5 matches found
CVE-2025-40701
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
CVE-2025-40701
SOTESHOP 8.3.4 contains a Reflected XSS in /adsTracker/checkAds via the id parameter. An attacker can inject JS and run it in the victim’s browser, potentially stealing session cookies or acting on behalf of the user. CVSS 4.0 suggests 5.1 base score (MEDIUM) with network attack vector, low compl...
CVE-2025-40701 Reflected Cross-Site scripting (XSS) in SOTE's SOTESHOP
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
CVE-2025-40701 Reflected Cross-Site scripting (XSS) in SOTE's SOTESHOP
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
PT-2026-21512
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...