Cross-Site Scripting Vulnerability in Shopside Software's Shopside App
CVE-2025-0879

4.7MEDIUM

Key Information:

Vendor: Shopside Software
Status: Shopside App
Vendor: CVE Published:; 17 September 2025

🔔 Create Shopside Software Vulnerability Alert

What is CVE-2025-0879?

A Cross-Site Scripting (XSS) vulnerability exists in Shopside Software's Shopside App, allowing attackers to inject malicious scripts into web pages. This flaw can be exploited by users with high privileges, facilitating unauthorized access and data manipulation before version 17.02.2025. It is crucial for users and administrators to apply necessary security measures and platform updates to safeguard against potential exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Shopside App 0 < 17.02.2025

References

https://www.usom.gov.tr/bildirim/tr-25-0270

third-party-advisory

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 17, 2025
Vulnerability Reserved
Jan 30, 2025

Credit

Berat Arslan

JSON

Shopside Software