PT-2025-10087 · Starsea99 · Starsea-Mall

Execx · Published 2025-03-07 · Updated 2025-03-08 · CVE-2025-2085

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: StarSea99 starsea-mall version 1.0

Description: A problematic vulnerability has been discovered, affecting an unknown part of the file /admin/carousels/save. The issue involves the manipulation of the redirectUrl argument, leading to cross-site scripting. This can be initiated remotely.

Recommendations: For version 1.0, as a temporary workaround, consider restricting access to the /admin/carousels/save file until a patch is available. Avoid using the redirectUrl argument in the affected file to minimize the risk of exploitation.

Exploit · Fix · XSS · Code Injection

Weakness Enumeration

Related Identifiers

CVE-2025-2085

Affected Products

Starsea-Mall