CVE-2025-40627

Reflected Cross-Site Scripting XSS vulnerability in AbanteCart v1.4.0, that could allow an attacker to execute JavaScript code in a victim's browser by sending the victim a malicious URL. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform...

CVE-2025-40627

CVE-2025-40627 affects AbanteCart v1.4.0. It describes a Reflected Cross‑Site Scripting (XSS) vulnerability in the /eyes? endpoint that lets an attacker deliver JavaScript to a victim’s browser, potentially stealing session cookies or acting on behalf of the user. The vulnerability is documented ...

Unspecified Vulnerability in ABB eSOMS

ABB eSOMS Electronic Shift Operations Management System is a plant operations management system from ABB Switzerland. ABB eSOMS contains a security vulnerability that could be exploited by an attacker to compromise sensitive user information by framing parts of the application on a malicious...

Cross-site Scripting (XSS)

jquery-migrate is vulnerable to Cross-site Scripting XSS. jquery-migrate uses code similar to $location.hash to select an ID value encoded on the page. However, an attacker can create a cross-site scripting injection by using a string similar to and run code to steal user data...