PT-2025-31659 · Unknown · Institute-Of-Current-Students

B0Mk35H

Published

2025-08-01

Updated

2025-08-01

CVE-2025-50869

Report an issue

CVSS v3.1

6.1

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions:

Institute-of-Current-Students version 1.0

Description:

A stored Cross-Site Scripting (XSS) vulnerability exists in the `qureydetails.php` page. The input fields for `Query` and `Answer` do not properly sanitize user input, allowing authenticated users to inject arbitrary JavaScript code.

Recommendations:

Sanitize user input for the `Query` and `Answer` fields in the `qureydetails.php` page to prevent the injection of malicious scripts.

Fix

XSS

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-50869

Affected Products

Institute-Of-Current-Students

PT-2025-31659 · Unknown · Institute-Of-Current-Students

Weakness Enumeration

Related Identifiers

Affected Products

References · 4