CVE-2025-25776

MEDIUM Year: 2025
CVSS v3 Score
5.0
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

Cross-Site Scripting (XSS) vulnerability exists in the User Registration and User Profile features of Codeastro Bus Ticket Booking System v1.0 allows an attacker to execute arbitrary code into the Full Name and Address fields during user registration or profile editing.

Related Vulnerabilities

CVE-2017-18783

MEDIUM
CVSS:5.0(Medium)

Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1....

CWE-792017

CVE-2017-18784

MEDIUM
CVSS:5.0(Medium)

Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0...

CWE-792017

CVE-2019-1677

MEDIUM
CVSS:5.0(Medium)

A vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application. The vulnerability is due to insuffi...

CWE-792019

CVE-2023-5244

MEDIUM
CVSS:5.0(Medium)

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 2.0.

CWE-792023

CVE-2024-23998

MEDIUM
CVSS:5.0(Medium)

goanother Another Redis Desktop Manager =<1.6.1 is vulnerable to Cross Site Scripting (XSS) via src/components/Setting.vue.

CWE-792024

CVE-2024-31574

MEDIUM
CVSS:5.0(Medium)

Cross Site Scripting vulnerability in TWCMS v.2.6 allows a local attacker to execute arbitrary code via a crafted script

CWE-792024