CVE-2025-11421

Sažetak

A flaw has been found in code-projects Voting System 1.0. The affected element is an unknown function of the file /admin/candidates_edit.php. This manipulation of the argument Firstname/Lastname/Platform causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used.

Reference

https://code-projects.org/
https://github.com/underatted/CVE/issues/10
https://vuldb.com/?ctiid.327356
https://vuldb.com/?id.327356
https://vuldb.com/?submit.665811

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:P/A:N

Zadnje važnije ažuriranje

08-10-2025 - 02:15

Objavljeno

08-10-2025 - 02:15