← All advisories

Moderate severityNVD Advisory· Published Mar 28, 2025· Updated Mar 31, 2025

CVE-2025-28094

CVE-2025-28094

Description

shopxo v6.4.0 has a ssrf/xss vulnerability in multiple places.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
shopxo/shopxoPackagist	<= 6.4.0	—

Affected products

2

shopxo/shopxodescription
ghsa-coords
pkg:composer/shopxo/shopxo
Range: <= 6.4.0

Patches

Vulnerability mechanics

References

3

github.com/advisories/GHSA-24cf-848g-762cghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2025-28094ghsaADVISORY
www.yuque.com/morysummer/vx41bz/echzollcdlmllgqoghsaWEB

News mentions

0

No linked articles in our index yet.