Unknown · Kashipara Computer Base Test Version 1.0 · CVE-2025-56697
**Name of the Vulnerable Software and Affected Versions**
Kashipara Computer Base Test version 1.0
**Description**
A Stored Cross-Site Scripting (XSS) vulnerability exists in the `/users/adminpanel/admin/home.php?page=feedbacks` file. Attackers can inject malicious scripts via the `smyFeedbacks` POST parameter in `/users/home.php`.
**Recommendations**
Update to a newer version that contains a fix for this vulnerability.
As a temporary workaround, restrict access to the `/users/adminpanel/admin/home.php?page=feedbacks` file.
Sanitize the `smyFeedbacks` POST parameter before processing it in `/users/home.php`.