CVE-2025-67683

Name of the Vulnerable Software and Affected Versions Quick.Cart version 6.7

Description Quick.Cart is susceptible to a reflected cross-site scripting (XSS) issue through the sSort parameter. An attacker can create a malicious URL that, when accessed, leads to the execution of arbitrary JavaScript code within the victim's browser. The vendor was informed of this issue but did not provide details regarding vulnerable versions. The API endpoint potentially affected is not specified. The vulnerable parameter is sSort.

Recommendations Apply a fix for Quick.Cart version 6.7.