CVE-2025-60318

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0

Description The software is susceptible to Cross Site Scripting (XSS) attacks. The issue occurs in the '/admin/profile.php' component through the fname (First Name) and lname (Last Name) fields. Successful exploitation could allow an attacker to inject malicious scripts into the web page viewed by other users.

Recommendations Update to a newer version that contains a fix for this vulnerability. Sanitize the input received from the fname and lname parameters in the '/admin/profile.php' component.