CNNVD-202511-775 Information

CNNVD ID

CNNVD-202511-775

Related CVE

CVE-2025-63638

• CNNVD Published: 2025-11-07

Description (Chinese)

SourceCodester AI-Powered To-Do List App是SourceCodester开源的一个基于人工智能的待办事项列表应用。 SourceCodester AI-Powered To-Do List App v1.0版本存在安全漏洞，该漏洞源于Task Title和Description (Optional)字段未对输入进行充分验证，可能导致跨站脚本攻击。

Description (English)

SourceCodester AI-Powered To-Do List App is an artificially intelligent list of to-dos. Security loophole in version 1 of SourceCodester AI-Powered To-Do List App v1.0, which stems from the failure of the Task Title and Description (Opportal) fields to adequately validate input, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

SourceCodester

Published

2025-11-07

Last Modified

2026-02-24

References

https://github.com/ChuckBartowski7/Vulnerability-Research/tree/main/CVE-2025-63638 https://www.sourcecodester.com/javascript/18421/ai-powered-do-list-app-using-html-css-and-javascript-source-code.html