CVE-2025-1155

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Feb 10, 2025

CWE ID 94

CWE ID 79

Summary

CVE-2025-1155 is a recently identified vulnerability affecting Webkul QloApps 1.6.1. The issue resides in the "Your Location Search" component's "/stores" file, which is classified as problematic. An attacker can exploit this vulnerability to execute cross-site scripting (XSS) attacks remotely. Although plans are underway to remove the affected page in the future, it is crucial that users address this vulnerability promptly to prevent potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Webkul

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3NuFFX
https://www.cve.org/CVERecord?id=CVE-2025-1155
https://nvd.nist.gov/vuln/detail/CVE-2025-1155

Back to Vulnerability Database

CVE-2025-1155

CVSS 2.0 Score 5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations