Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Mon, 29 Sep 2025 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify App 1.0 allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the color filter parameter. | A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify and BigCommerce apps allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into several filter parameter |
Fri, 12 Sep 2025 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mezereon
Mezereon smart Search And Filter |
|
CPEs | cpe:2.3:a:mezereon:smart_search_and_filter:1.0:*:*:*:*:*:*:* | |
Vendors & Products |
Mezereon
Mezereon smart Search And Filter |
Mon, 08 Sep 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-79 | |
Metrics |
cvssV3_1
|
Mon, 08 Sep 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify App 1.0 allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the color filter parameter. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-09-29T17:22:16.405Z
Reserved: 2025-08-16T00:00:00.000Z
Link: CVE-2025-55998

Updated: 2025-09-08T15:43:59.832Z

Status : Modified
Published: 2025-09-08T15:15:36.520
Modified: 2025-09-29T18:15:32.637
Link: CVE-2025-55998

No data.

No data.