PT-2025-12820 · Unknown · Improve My City

Published

2025-03-25

Updated

2025-03-28

CVE-2025-22501

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Improve My City versions 1.6 and earlier

Description The issue is related to improper neutralization of script-related HTML tags in a web page, allowing for Reflected XSS attacks. This enables potential attackers to inject malicious scripts into the web page, which can then be executed by other users' browsers.

Recommendations For Improve My City versions 1.6 and earlier, update to a version that fixes the improper neutralization of script-related HTML tags to prevent Reflected XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-80

Related Identifiers

CVE-2025-22501

Affected Products

Improve My City

PT-2025-12820 · Unknown · Improve My City

CVE-2025-22501

Weakness Enumeration

Related Identifiers

Affected Products

References · 7