Lucene search
K

4 matches found

NVD
NVD
added 2025/11/18 3:16 p.m.5 views

CVE-2025-63883

A DOM-based cross-site scripting vulnerability exists in electic-shop v1.0 Bhabishya-123/E-commerce. The site's client-side JavaScript reads attacker-controlled input for example, values derived from the URL or page fragment and inserts it into the DOM via unsafe sinks...

5.4CVSS0.0023EPSS
Exploits1References1
OSV
OSV
added 2025/11/18 3:16 p.m.5 views

CVE-2025-63883

A DOM-based cross-site scripting vulnerability exists in electic-shop v1.0 Bhabishya-123/E-commerce. The site's client-side JavaScript reads attacker-controlled input for example, values derived from the URL or page fragment and inserts it into the DOM via unsafe sinks...

5.4CVSS5.8AI score0.0023EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/18 12:0 a.m.7 views

CVE-2025-63883

A DOM-based cross-site scripting vulnerability exists in electic-shop v1.0 Bhabishya-123/E-commerce. The site's client-side JavaScript reads attacker-controlled input for example, values derived from the URL or page fragment and inserts it into the DOM via unsafe sinks...

0.0023EPSS
Exploits1References1
CVE
CVE
added 2025/11/18 12:0 a.m.14 views

CVE-2025-63883

CVE-2025-63883 affects electic-shop v1.0. The vulnerability is a DOM-based XSS in client-side code that reads attacker-controlled input (e.g., URL parameters or fragment) and writes it into the DOM using unsafe sinks such as innerHTML, insertAdjacentHTML, or document.write without proper sanitiza...

5.4CVSS6AI score0.0023EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder