CVE-2025-50869 Information
Aug 02, 2025
cve
Description
A stored Cross-Site Scripting (XSS) vulnerability exists in the qureydetails.php page of Institute-of-Current-Students 1.0 where the input fields for Query and Answer do not properly sanitize user input. Authenticated users can inject arbitrary JavaScript code.
Reference
https://gist.github.com/b0mk35h/1fabbff8c95c6b7180c4ef404a337b8b https://portswigger.net/web-security/cross-site-scripting/stored
Related CNNVD
CNNVD-202508-066 (Published: 2025-08-01)
Share on: