Cross-Site Scripting Vulnerability in StarCities by Saysis Computer Systems
CVE-2025-11963

5.4MEDIUM

Key Information:

Vendor: Saysis Computer Systems Trade Ltd. Co.
Status: Starcities
Vendor: CVE Published:; 19 November 2025

🔔 Create Saysis Computer Systems Trade Ltd. Co. Vulnerability Alert

What is CVE-2025-11963?

A Cross-Site Scripting vulnerability exists in StarCities, developed by Saysis Computer Systems Trade Ltd. Co., allowing attackers to execute malicious scripts in the context of a user's session. This vulnerability, identified as improper neutralization of input during web page generation, permits reflected XSS attacks in versions prior to 1.1.61. Attackers could exploit this flaw to manipulate web content, potentially stealing sensitive information or performing unauthorized actions on behalf of users.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

StarCities 0 < 1.1.61

References

https://www.usom.gov.tr/bildirim/tr-25-0403

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Nov 19, 2025
Vulnerability Reserved
Oct 20, 2025

Credit

İbrahim YİĞİTSOY

JSON

Saysis Computer Systems Trade Ltd. Co.