CVE-2025-63447

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Water Management System version 1.0

Description Water Management System version 1.0 is susceptible to Cross Site Scripting (XSS) attacks. The issue is located in the /add customer.php endpoint. The vulnerability allows attackers to inject malicious scripts into the web page viewed by other users. The vulnerable endpoint is /add customer.php.

Recommendations Apply appropriate input validation and output encoding to prevent the execution of malicious scripts in the /add customer.php endpoint.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-63447

Affected Products

Water Management System

CVE-2025-63447

Weakness Enumeration

Related Identifiers

Affected Products

References · 5