PT-2026-4534 · Sourcecodester · Domain Availability Checker
Published: 2026-01-23 · Updated: 2026-01-25 · CVE-2025-70458
CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Sourcecodester Domain Availability Checker version 1.0
Description
A DOM-based Cross-Site Scripting (XSS) issue exists in the DomainCheckerApp class within the domain/script.js file. The application does not properly handle user-supplied data in the createResultElement method, utilizing the unsafe innerHTML property to display domain search results. This allows for the injection of malicious scripts.
Recommendations
Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider modifying the createResultElement function to avoid using the innerHTML property for rendering domain search results.
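One way to apply the workaround above, shown as an added example that is not the project's own code. The shape of the result object ({ domain, available }), the CSS class names, the doc parameter (pass the browser's document) and the isValidDomain helper are all assumptions made for illustration.

```javascript
// Unsafe pattern the advisory describes (assumed shape, shown for contrast):
//   el.innerHTML = `<span class="domain">${result.domain}</span>`;
// Any markup inside result.domain is handed to the HTML parser.

// Hardened form: build nodes explicitly and assign untrusted strings only
// through textContent, which never invokes the HTML parser.
function createResultElement(doc, result) {
  const row = doc.createElement('div');
  // Class names come from a fixed set, never from user input.
  row.className = result.available ? 'result available' : 'result taken';

  const name = doc.createElement('span');
  name.className = 'domain';
  name.textContent = String(result.domain); // rendered as literal text

  const status = doc.createElement('span');
  status.className = 'status';
  status.textContent = result.available ? 'Available' : 'Taken';

  row.append(name, status);
  return row;
}

// Defence in depth: accept only syntactically valid hostnames before the
// value reaches the lookup or the renderer (hypothetical helper).
const LABEL = /^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$/;

function isValidDomain(input) {
  if (typeof input !== 'string') return false;
  const name = input.trim().toLowerCase();
  if (name.length === 0 || name.length > 253) return false;
  const labels = name.split('.');
  // Require at least two labels (name + TLD), each a valid DNS label.
  return labels.length >= 2 && labels.every((l) => LABEL.test(l));
}
```

In the browser the call is createResultElement(document, result); taking the document as a parameter keeps the function testable outside a page.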