CVE-2025-1748

Published Feb 28, 2025

Last updated a month ago

CVSS medium 4.7

Overview

Description
HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's browser by sending a malicious URL and modifying the parameter name in /account/register.
Source
cve-coordination@incibe.es
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
4.7
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Severity
MEDIUM

Weaknesses

cve-coordination@incibe.es
CWE-79

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-1748 🟠 MEDIUM (4.7) 🏢 OpenCart - OpenCart 🏗️ 0 🔗 https://t.co/0Q5qBjlhDU #CyberCron #VulnAlert https://t.co/RWidtP6iCZ

    @cybercronai

    28 Feb 2025

    80 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    1 Quote

References