[Attack Vectors] > It was detected that multiple Stored Cross-Site Scripting (Stored XSS) vulnerabilities in the product management functionality. Malicious JavaScript payloads inserted into the "Product Name" and "Short Description" fields are stored in the backend database and executed automatically whenever a user (administrator or customer) views the affected pages.
Assigned CVE code: > CVE-2025-65592 [Discoverer] > AlterSec t/a PenTest.NZ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
