Vulnerabilities

CVE-2025-50866

by Fred · 31/07/2025

CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows an attacker to inject arbitrary JavaScript code that executes in the context of the user s browser, potentially leading to session hijacking or phishing attacks.

Assigner : cve@mitre.org

More information : https://github.com/SacX-7/CVE-2025-50866

Similar

Tags: Cybersecurity Alert