{"id":52826,"date":"2025-06-17T04:20:15","date_gmt":"2025-06-17T04:20:15","guid":{"rendered":""},"modified":"2025-06-27T23:19:03","modified_gmt":"2025-06-28T05:19:03","slug":"cve-2025-47110-high-severity-stored-cross-site-scripting-xss-vulnerability-in-adobe-commerce","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-47110-high-severity-stored-cross-site-scripting-xss-vulnerability-in-adobe-commerce\/","title":{"rendered":"CVE-2025-47110: High-Severity Stored Cross-Site Scripting (XSS) Vulnerability in Adobe Commerce<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

Cybersecurity threats are an ever-present concern, especially for digital commerce platforms. A recent vulnerability identified as CVE-2025-47110 affects a wide range of Adobe Commerce versions and presents a significant risk to both users and administrators. This vulnerability is particularly problematic as it allows high privileged attackers to inject malicious scripts into vulnerable form fields, leading to the potential execution of harmful JavaScript when a victim accesses the compromised page<\/a>.
\nThis vulnerability is a cause for concern because it impacts the security of data and systems associated with these versions of Adobe<\/a> Commerce. The exploitation of this vulnerability could lead to system compromise<\/a> or data leakage, highlighting the urgent need for mitigation strategies and solutions.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-47110
\nSeverity: Critical (CVSS score 9.1)
\nAttack Vector: Stored Cross-Site Scripting<\/a> (XSS)
\nPrivileges Required: High
\nUser Interaction: Required
\nImpact: System compromise<\/a>, Data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n