Cross-Site Scripting Vulnerability in Simple User Management System by Sanin
CVE-2025-63442

4.6 MEDIUM

Key Information:

Vendor: Sanin
CVE Published: 3 November 2025

What is CVE-2025-63442?

Simple User Management System version 1.0 contains a Cross-Site Scripting (XSS) vulnerability caused by inadequate sanitization of user input in the Profile Section. An attacker can inject arbitrary JavaScript code that executes within a user's browser, potentially leading to data theft or session hijacking. Users and administrators should apply the necessary patches and implement input validation measures to mitigate this security risk.

CVSS V3.1

Score: 4.6
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
