Vulnerability Database

300,911

Total vulnerabilities in the database

CVE-2025-45892

OpenCart version 4.1.0.4 is vulnerable to a Stored Cross-Site Scripting (XSS) attack via the blog editor. The vulnerability arises because input in the blog's editor is not properly sanitized or escaped before being rendered. This allows attackers to inject malicious JavaScript code

Published: Jul 25, 2025
Updated: Jul 26, 2025
CVE: CVE-2025-45892
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
opencart / opencart	-	4.1.0.4.x

https://packetstorm.news/files/id/202886
https://www.opencart.com

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo