2 matches found
CVE-2025-57425
A Stored Cross-Site Scripting XSS vulnerability in SourceCodester FAQ Management System 1.0 allows an authenticated attacker to inject malicious JavaScript into the 'question' and 'answer' fields via the update-faq.php endpoint...
PT-2025-34788 · Sourcecodester · Faq Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester FAQ Management System version 1.0 Description: A Stored Cross-Site Scripting XSS vulnerability exists in the FAQ Management System. An authenticated attacker can inject malicious JavaScript into the question and answer fields...