CVE-2024-5766

Name of the Vulnerable Software and Affected Versions: Likeshop versions up to 2.5.7

Description: A vulnerability was found in the Merchandise Handler component, affecting some unknown processing of the file /admin. This issue leads to cross-site scripting and can be initiated remotely.

Recommendations: For versions up to 2.5.7, consider disabling access to the /admin file of the Merchandise Handler component until a patch is available. Restrict access to the admin panel to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.