4 matches found
CVE-2025-65593
nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery CSRF via the Schedule Tasks functionality...
CVE-2025-65592
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting XSS in the product management functionality. Malicious payloads inserted into the "Product Name" and "Short Description" fields are stored in the backend database and executed automatically whenever a user views the affected pages...
CVE-2025-65593
nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery CSRF via the Schedule Tasks functionality...
CVE-2025-65589
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting XSS via the Attributes functionality...