CVE-2025-28092

Publication date

2025-03-28 00:00:00

Family

mitre

State

PUBLISHED

Description

ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) via image upload function.