PT-2025-31659 · Unknown · Institute-Of-Current-Students
B0Mk35H
·
Published
2025-08-01
·
Updated
2025-08-01
·
CVE-2025-50869
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Institute-of-Current-Students version 1.0
Description
A stored Cross-Site Scripting (XSS) vulnerability exists in the
qureydetails.php page. The input fields for Query and Answer do not properly sanitize user input, allowing authenticated users to inject arbitrary JavaScript code.Recommendations
Sanitize user input for the
Query and Answer fields in the qureydetails.php page to prevent the injection of malicious scripts.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Institute-Of-Current-Students