Unrated severityOSV Advisory· Published Dec 16, 2025· Updated Dec 17, 2025
CVE-2025-65589
CVE-2025-65589
Description
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Attributes functionality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2release-1.70, release-1.80, release-1.90, …+ 1 more
- (no CPE)range: release-1.70, release-1.80, release-1.90, …
- (no CPE)range: = 4.90.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.