PT-2025-45474 · Sourcecodester · Sourcecodester User Account Generator
Published
2025-11-07
·
Updated
2025-11-07
·
CVE-2025-63714
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SourceCodester User Account Generator version 1.0
Description
A Cross-Site Scripting (XSS) issue exists in SourceCodester User Account Generator version 1.0. This allows remote attackers to execute arbitrary JavaScript code within a user’s browser session. The issue is caused by insufficient sanitization of user-provided input when generating account data for the Document Object Model (DOM). This enables the persistent injection of malicious HTML elements that execute when clicked by users. The vulnerable input field is the
Username Prefix field.Recommendations
Update to a newer version that contains a fix for this vulnerability.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sourcecodester User Account Generator