Search Hashnode

Search posts, tags, users, and pages

Discussion on "CVE-2025-57204: Stored XSS in Stocky POS with Inventory Management & HRM (ui-lib) 5.0" | Hashnode

Discussion

Sergio Medeiros

Vulnerability Operations @ Synack. InfoSec's Village Idiot. Documenting my journey of pivoting out of a decade long sales career to breaking

Sep 20, 2025

CVE-2025-57204: Stored XSS in Stocky POS with Inventory Management & HRM (ui-lib) 5.0

Discovered by: Michael KimVendor: ui-lib (Uilibrary)Product: Stocky – POS with Inventory Management & HRM (“Ultimate Inventory Management System with POS”)Affected Version: 5.0 (as released June 2025)Impact: Arbitrary JavaScript Execution (Stored XSS...

grumpz.net4 min read

#cve #cybersecurity-1 #cybersecurity #cybersec #hacking #php #xss #owasp #pentesting #penetration-testing #ethicalhacking #information-security #devops #developer #devops-articles

Responses(1)

Sonu Goswami

Sonu Goswami | B2B SaaS Positioning Specialist

Sep 21, 2025

Thanks for sharing......this is a thorough and clear breakdown of the XSS risk in Stocky POS. Very valuable info for security teams.

Most discussed in Forum

A
I Replaced ChatGPT With Google NotebookLM — Here’s My Audit & Workflow
25A A A1d ago
M
🚀 Just Published: A Complete Guide to Installing SHONiR CMS – A Modern, Open-Source CMS Built on CodeIgniter 4
44A C6d ago
B
This content is flagged and removed by AUTOMOD, how can I publish the blog
44F J F5d ago
S
What factors should developers consider when building a high-performance business website?
22F5d ago
Z
Understanding OpenClaw By Building One
22Z2d ago

View all threads

Recent in Forum

L
Hi, I'm lalit gurjar
17h ago
R
Hi, I'm Rahul💭♾️
17h ago
S
Do outcome-based delivery models create better software incentives than hourly billing, or just different tradeoffs?
31F13h ago
A
I built a tool to replace Fakespot. Here's what I learned about LLM verdicts vs scores.
11N13h ago
A
The "RAG or fine-tuning?" question is outdated in 2026
113h ago

View all threads