CVE-2025-57425

Medium CVSS: 6.1

A Stored Cross-Site Scripting (XSS) vulnerability in SourceCodester FAQ Management System 1.0 allows an authenticated attacker to inject malicious JavaScript into the 'question' and 'answer' fields via the update-faq.php endpoint.

Vendor

Remyandrade

Product

Faq Management System

CWE

CWE-79

Yayın Tarihi

2025-08-26 17:15:40

Güncelleme

2025-09-04 18:34:38

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Faq Management System MEDIUM Remyandrade 2025

Referanslar

https://gist.github.com/progprnv/10110b20469e4ae02aa1c9bfe130f5e9

Benzer Kayıtlar

Medium

CVE-2026-3695

A vulnerability has been found in SourceCodester Modern Image Gallery App 1.0. Impacted is an unknown function of the fi…

Medium

CVE-2026-3302

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown f…

Medium

CVE-2026-3163

A vulnerability has been found in SourceCodester Website Link Extractor 1.0. This vulnerability affects the function fil…

Medium

CVE-2026-3070

A vulnerability was detected in SourceCodester Modern Image Gallery App 1.0. Affected by this vulnerability is an unknow…

Critical

CVE-2025-70457

A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/up…

Medium

CVE-2025-70458

A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sou…