Vendor
TechStore
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-66845 | 0.00 | — | 0.00 | Dec 23, 2025 | A reflected Cross-Site Scripting (XSS) vulnerability has been identified in TechStore version 1.0. The user_name endpoint reflects the id query parameter directly into the HTML response without output encoding or sanitization, allowing execution of arbitrary JavaScript code in a victim’s browser. | |||
| CVE-2025-63544 | 0.00 | — | 0.00 | Nov 7, 2025 | TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in /order_notes via the id parameter. | |||
| CVE-2025-63543 | 0.00 | — | 0.00 | Nov 7, 2025 | TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in the /search_results endpoint via the q parameter. |
- CVE-2025-66845Dec 23, 2025risk 0.00cvss —epss 0.00
A reflected Cross-Site Scripting (XSS) vulnerability has been identified in TechStore version 1.0. The user_name endpoint reflects the id query parameter directly into the HTML response without output encoding or sanitization, allowing execution of arbitrary JavaScript code in a victim’s browser.
- CVE-2025-63544Nov 7, 2025risk 0.00cvss —epss 0.00
TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in /order_notes via the id parameter.
- CVE-2025-63543Nov 7, 2025risk 0.00cvss —epss 0.00
TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in the /search_results endpoint via the q parameter.