A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify App 1.0 allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the color filter parameter.
Metrics
Affected Vendors & Products
References
History
Mon, 08 Sep 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-79 | |
Metrics |
cvssV3_1
|
Mon, 08 Sep 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify App 1.0 allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the color filter parameter. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-09-08T15:44:55.631Z
Reserved: 2025-08-16T00:00:00.000Z
Link: CVE-2025-55998

Updated: 2025-09-08T15:43:59.832Z

Status : Awaiting Analysis
Published: 2025-09-08T15:15:36.520
Modified: 2025-09-08T16:25:38.810
Link: CVE-2025-55998

No data.

No data.