Sign in Subscribe

← All advisories

Unrated severityOSV Advisory· Published Dec 16, 2025· Updated Dec 16, 2025

CVE-2025-65590

CVE-2025-65590

Description

nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Blog posts functionality in the Content Management area.

Affected products

1

Nopsolutions/NopcommerceOSV
Range: release-1.70, release-1.80, release-1.90, …

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

seclists.org/fulldisclosure/2025/Dec/17mitre
www.nopcommerce.commitre

News mentions

0

No linked articles in our index yet.