CNNVD-202601-3941 Information

Jan 23, 2026 cve

CNNVD ID

CNNVD-202601-3941

CVE-2025-70458

CNNVD Published: 2026-01-23

Description (Chinese)

SourceCodester Domain Availability Checker是SourceCodester开源的一个域名可用性检查工具。 Sourcecodester Domain Availability Checker v1.0版本存在安全漏洞，该漏洞源于DomainCheckerApp类在domain/script.js中使用不安全的innerHTML属性处理用户提供的数据，可能导致基于DOM的跨站脚本攻击。

Description (English)

SourceCodester Domain Availability Checker is a tool for checking the availability of domain names from the SourceCodester. The security loophole in version DOMECDER Domain Availability Checker v1.0 arises from the use of unsafe innerHTML attributes in the Domain/script.js category of DomainChecker App to process data from users, which may result in a DOM-based cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

SourceCodester

Published

2026-01-23

Last Modified

2026-02-24

References

https://github.com/ismaildawoodjee/vulnerability-research/security/advisories/GHSA-chm7-vgf7-6f9p https://www.sourcecodester.com/php/18500/domain-availability-checker-using-php-and-javascript-source-code.html https://access.redhat.com/security/cve/cve-2025-70458

Share on: