E-Commerce Product allows Malicious Code to Run on Your Site

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.6

E-Commerce Product allows Malicious Code to Run on Your Site

CVE-2025-14343

Summary

A security issue in the E-Commerce Product from Dokuzsoft Technology Ltd. allows attackers to inject malicious code into your website. This could lead to unauthorized actions being taken on your site or visitors' browsers. Update the product to the latest version to fix this issue.

Original title

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dokuzsoft Technology Ltd. E-Commerce Product allows Reflected XSS.This issue affects E-C...

Original description

nvd CVSS3.1 7.6

Vulnerability type

CWE-79 Cross-site Scripting (XSS)

https://www.usom.gov.tr/bildirim/tr-26-0083

Published: 26 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026