Opencart Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2025-1749 - Vulnerability Database

Opencart

Opencart Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2025-1749

Medium

Reference: CVE-2025-1749

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-1749

Title: Opencart Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim39s browser by sending a malicious URL andmodifying the parameter name in /account/voucher.