Security Advisory

CVE-2025-66572

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-04 20:44:50
Last updated 2026-05-26 11:51:54
Assigner VulnCheck
State PUBLISHED

Description

Loaded Commerce 6.6 contains a client-side template injection vulnerability via the search parameter that allows unauthenticated attackers to execute arbitrary code in the victims browser context when they visit a crafted URL.