PT-2025-48456 · Unknown · Blood Bank Management System
Published
2025-12-01
·
Updated
2025-12-01
·
CVE-2025-63526
CVSS v3.1
8.5
High
| Vector | AC:L/AV:N/A:N/C:H/I:L/PR:L/S:C/UI:N |
Name of the Vulnerable Software and Affected Versions
Blood Bank Management System (affected versions not specified)
Description
The Blood Bank Management System is susceptible to a cross-site scripting (XSS) issue within the
abs.php component. The application does not adequately sanitize or encode user-provided input before displaying it. An attacker can inject malicious JavaScript payloads into the msg parameter. When a user views the affected page, this injected code is executed in their browser.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Blood Bank Management System