Stored Cross-Site Scripting in SourceCodester FAQ Management System
CVE-2025-57425

6.1MEDIUM

Key Information:

Vendor: SourceCodester
Status: FAQ Management System
Vendor: CVE Published:; 26 August 2025

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2025-57425?

The SourceCodester FAQ Management System 1.0 contains a Stored Cross-Site Scripting vulnerability that enables an authenticated attacker to inject malicious JavaScript into the 'question' and 'answer' fields. This occurs via the update-faq.php endpoint, potentially leading to unauthorized actions or data manipulation within the application when other users interact with the compromised content.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://gist.github.com/progprnv/10110b20469e4ae02aa1c9bf...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Aug 26, 2025
Vulnerability Reserved
Aug 17, 2025

JSON

SourceCodester

What is CVE-2025-57425?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.