CVE-2025-7567
Published
CVSS v3
4.3
MEDIUM
CVSS v2
5
MEDIUM
Affected
1
PROJECT
Description
A vulnerability was found in ShopXO up to 6.5.0 and classified as problematic. This issue affects some unknown processing of the file header.html. The manipulation of the argument lang/system_type leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
ShopXO企业级免费开源商城系统,可视化DIY拖拽装修、包含PC、H5、多端小程序(微信+支付宝+百度+头条&抖音+QQ+快手)、APP、多仓库、多商户、多门店、IM客服,进销存遵循MIT开源协议发布、基于ThinkPHP8框架研发
GitHub