Improper UI Layer Restriction in Shopside Software Technologies Product
CVE-2025-0421

4.7MEDIUM

Key Information:

Vendor: Shopside Software Technologies Inc.
Status: Shopside
Vendor: CVE Published:; 19 November 2025

🔔 Create Shopside Software Technologies Inc. Vulnerability Alert

What is CVE-2025-0421?

A vulnerability exists in Shopside Software Technologies Inc.'s product, Shopside, which allows for the improper rendering of UI layers or frames. This flaw enables the exploitation of iFrame overlays, compromising the security of the user interface and potentially allowing for various attack vectors that could affect user data and application integrity.

Affected Version(s)

Shopside 0 <= 05022025

References

https://www.usom.gov.tr/bildirim/tr-25-0402

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 19, 2025
Vulnerability Reserved
Jan 13, 2025

Credit

Berat ARSLAN

JSON