CVE-2025-11333

CVSS v2.0

3.3

Low

Vector

AV:N/AC:L/Au:M/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions langleyfcu Online Banking System versions prior to 57437e6400ce0ae240e692c24e6346b8d0c17d7a

Description A security issue exists in the langleyfcu Online Banking System. The manipulation of the First Name argument in the /customer add action.php file, within the Add Customer Page component, can lead to cross site scripting. The exploitation of this issue is possible remotely. The exploit is publicly available.

Recommendations Apply updates to versions prior to 57437e6400ce0ae240e692c24e6346b8d0c17d7a. Avoid using the First Name argument in the /customer add action.php file until the issue is resolved.

Exploit

Fix

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-94

Related Identifiers

CVE-2025-11333

Affected Products

Langleyfcu Online Banking System

CVE-2025-11333

Weakness Enumeration

Related Identifiers

Affected Products

References · 8