CVE-2025-63640

Medium CVSS: 6.1

Sourcecodester Medicine Reminder App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Medicine Name" and "Notes (Optional)" fields when creating an "Upcoming Reminder", allowing an attacker to inject arbitrary potentially malicious HTML/JavaScript code that executes in the victim's browser upon clicking the "Save Reminder" button.

Vendor

Rems

Product

Medicine Reminder App

CWE

CWE-79

Yayın Tarihi

2025-11-07 20:15:38

Güncelleme

2025-11-17 18:13:14

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Medicine Reminder App MEDIUM Rems 2025

Referanslar

https://github.com/ChuckBartowski7/Vulnerability-Research/blob/main/CVE-2025-63640/README.md https://www.sourcecodester.com/javascript/18402/medicine-reminder-app-using-html-css-and-javascript-source-code.html

Benzer Kayıtlar

Medium

CVE-2025-63716

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks that allow unautho…

Medium

CVE-2025-60313

Sourcecodester Link Status Checker 1.0 is vulnerable to a Cross-Site Scripting (XSS) in the Enter URLs to check input fi…

Medium

CVE-2025-60312

Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting (XSS) in the "Markdown Input" fie…

Medium

CVE-2025-10410

A security vulnerability has been detected in SourceCodester Link Status Checker 1.0. This vulnerability affects unknown…

Medium

CVE-2025-10088

A vulnerability was detected in SourceCodester Time Tracker 1.0. The affected element is an unknown function of the file…

Medium

CVE-2025-6345

A vulnerability was found in SourceCodester My Food Recipe 1.0 and classified as problematic. Affected by this issue is…