[LOW] GP247 and S-Cart have a stored cross-site scripting (XSS) vulnerability

PKSA-xf3w-3q5q-ksrg CVE-2025-57407 GHSA-46v4-5mc8-q2cf

Affected version: <=9.0.5

Reported by:
GitHub

[MEDIUM] SCart is vulnerable to cross-site scripting (XSS)

PKSA-2s9r-vjf7-wsf7 CVE-2022-21149 GHSA-7pfc-cx3m-v22x

Affected version: <6.9

Reported by:
GitHub