PT-2025-47297 · Sourcecodester · Interview Management System 1.0
Yuki77
·
Published
2025-11-18
·
Updated
2025-11-20
·
CVE-2025-13343
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SourceCodester Interview Management System version 1.0
Description
A security flaw exists in SourceCodester Interview Management System 1.0. The manipulation of the
Question argument in the file /editQuestion.php can lead to cross site scripting. This attack can be launched remotely. The exploit has been released publicly.Recommendations
Apply any available updates to address the issue in the
/editQuestion.php file.
As a temporary workaround, consider restricting or validating the Question parameter to prevent the injection of malicious scripts.Exploit
Fix
XSS
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Interview Management System 1.0