CVE-2025-67683

CVSS v3.1

6.1

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Quick.Cart version 6.7

Description Quick.Cart is susceptible to a reflected cross-site scripting (XSS) issue through the

sSort

parameter. An attacker can create a malicious URL that, when accessed, leads to the execution of arbitrary JavaScript code within the victim's browser. The vendor was informed of this issue but did not provide details regarding vulnerable versions. The API endpoint potentially affected is not specified. The vulnerable parameter is

sSort

Recommendations Apply a fix for Quick.Cart version 6.7.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-67683

Affected Products

Quick.Cart

CVE-2025-67683

Weakness Enumeration

Related Identifiers

Affected Products

References · 12