CVE-2025-14343 HIGH

CVE-2025-14343: Reflected XSS in Dokuzsoft Technology's E-Commerce Product

Vendor Dokuzsoft Technology Ltd.
Product E-Commerce Product
Weakness CWE-79 · XSS
Published February 26, 2026
Last update June 4, 2026

CVSS base score

7.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

What the vulnerability does

01Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dokuzsoft Technology Ltd. E-Commerce Product allows Reflected XSS. This issue affects E-Commerce Product: through 10122025.

Key dates

02Disclosure timeline

February 26, 2026 CVE published
June 4, 2026 Record updated