PT-2025-38744 · Cubecart · Cubecart

Published 2025-09-22 · Updated 2025-09-22 · CVE-2025-59412

CVSS v3.1: 5.4 Medium

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

CubeCart versions prior to 6.5.11

Description

CubeCart, an ecommerce software solution, has an issue in the product reviews feature. User-supplied input is not properly sanitized before display. An attacker can submit HTML tags within the review description field. Upon administrator approval, this injected HTML is rendered on the product page for all visitors. This could potentially redirect users to malicious websites or display unwanted content.

Recommendations

Update to version 6.5.11 or later.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-59412
GHSA-QFRX-VVVP-H5M2

Affected Products

Cubecart