Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Stored XSS Vulnerability in Description Field of CubeCart v6.5.9
Malware and Vulnerabilities
June 04, 2025
seclists
The flaw resides in the "Description" field of the Address Book edit functionality, allowing attackers to inject persistent JavaScript payloads that execute in the context of the victim's browser.
Read More
CubeCart
Cross Site Scripting
Web Application Security
Ecommerce Platform
JavaScript Injection
Publisher
Previous
Fake WordPress Caching Plugin Used to Steal Admin Crede ...
Malware and Vulnerabilities
Next
Windows User Group Policy Bypass via Offline Registry H ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/72d5_shutterstock_2396331819.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/7edd_shutterstock_2298708373.jpg)
