Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-65591
CVE-2025-65591
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Currencies functionality.
Published Dec 17, 2025
https://github.com/advisories/GHSA-x3gp-g59c-2vm8
CVSS Score
Medium
5.4
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
nuget
NopCommerce.All
4.5.0.5
nuget
NopCommerce.Core
3.20.0
nuget
NopCommerce.Core
3.30.0
nuget
NopCommerce.Core
3.30.1
nuget
NopCommerce.Core
3.40.0
nuget
NopCommerce.Core
3.40.1
nuget
NopCommerce.Core
3.50.0
nuget
NopCommerce.Core
3.50.1
nuget
NopCommerce.Core
3.60.0
nuget
NopCommerce.Core
3.60.1
nuget
NopCommerce.Core
3.70.0
nuget
NopCommerce.Core
3.70.1
nuget
NopCommerce.Core
3.80.0
nuget
NopCommerce.Core
3.90.0
nuget
NopCommerce.Nop.Services
4.5.0.3
nuget
NopCommerce.Nop.Services
4.60.4.1
nuget
NopCommerce.Nop.Services
4.60.4
nuget
NopCommerce.Nop.Services
4.80.8.1
nuget
NopCommerce.Nop.Services
4.80.8.2
1-19 of 19
CVE-2025-65591 | Components Impacted | Sonatype Guide | Sonatype Guide
