CVE-2025-47110 – Adobe Commerce Stored Cross-Site Scripting (XSS) Vulnerability

June 10, 2025

CVE ID : CVE-2025-47110

Published : June 10, 2025, 4:15 p.m. | 1 hour, 25 minutes ago

Description : Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48067 – OctoPrint File Exfiltration Information Disclosure

Next Article CVE-2025-44043 – Keyoti SearchUnit SSRF

Highlights

CVE-2025-4242 – PHPGurukul Online Birth Certificate System SQL Injection Vulnerability

May 3, 2025

CVE ID : CVE-2025-4242

Published : May 3, 2025, 7:15 p.m. | 2 hours, 16 minutes ago

Description : A vulnerability classified as critical was found in PHPGurukul Online Birth Certificate System 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/between-dates-report.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

6 registry tweaks every tech-savvy user must apply on Windows 11

Here’s why network infrastructure is vital to maximizing your company’s AI adoption

The AI video tool behind the most viral social trends right now

Got a new password manager? How to clean up the password mess you left in the cloud

Right Invoicing App for iPhone: InvoiceTemple

Right Invoicing App for iPhone: InvoiceTemple

Tunnel Run game in 170 lines of pure JS

Integrating Drupal with Salesforce SSO via SAML and Dynamic User Sync

Windows 11 24H2 tests toggle to turn off Recommended feed in the Start menu

Windows 11 24H2 tests toggle to turn off Recommended feed in the Start menu

User calls Windows 11 “pure horror,” Microsoft says it’s listening to feedback

John the Ripper is an advanced offline password cracker

CVE-2025-47110 – Adobe Commerce Stored Cross-Site Scripting (XSS) Vulnerability

HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass

Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads

GraphRAG with MongoDB Atlas: Integrating Knowledge Graphs with LLMs

IT threat evolution in Q1 2025. Non-mobile statistics

CVE-2024-32499 – Newforma Project Center Server Remote Code Execution Vulnerability

Pinout with Dan Johnson

CVE-2025-4242 – PHPGurukul Online Birth Certificate System SQL Injection Vulnerability

GenCast predicts weather and the risks of extreme conditions with state-of-the-art accuracy

Why Google Code Assist may finally be the programming power tool you need

Write for Us – Technology, Business & Marketing

CVE-2025-47110 – Adobe Commerce Stored Cross-Site Scripting (XSS) Vulnerability

Related Posts