CVE-2025-60302

Published: Oct 9, 2025Modified: Oct 29, 2025

6.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.7

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

code-projects Client Details System 1.0 is vulnerable to Cross Site Scripting (XSS). When adding customer information, the client details system fills in malicious JavaScript code in the username field.

Affected (1)

Products: Fabian: Client Details System

Fabian

1 product

Client Details System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Fabian Client Details System	Version 1.0

Related CWEs

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (2)

http://code-projects.com

Source: cve@mitre.org

Product

https://github.com/Chen1-Boop/CVE/blob/main/CVE-2025-60302.md

Source: cve@mitre.org

ExploitThird Party Advisory

Timeline

No history available yet.