2 matches found
CVE-2025-12229 projectworlds Expense Management System Roles Page create cross site scripting
A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...
CVE-2025-12228
CVE-2025-12228 affects projectworlds Expense Management System 1.0. The flaw is in an unknown function of the file /public/admin/users/create on the Users Page, resulting in cross-site scripting (XSS) . Exploitation is described as remote, with publicly available exploit code. Multiple connected ...