CVE-2025-12280: Cross Site Scripting in code-projects Client Details System
A vulnerability was found in code-projects Client Details System 1.0. This issue affects some unknown processing of the file /update-clients.php. Performing manipulation results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
CVE-2025-12280: Cross Site Scripting in code-projects Client Details System
Description
A vulnerability was found in code-projects Client Details System 1.0. This issue affects some unknown processing of the file /update-clients.php. Performing manipulation results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-10-26T16:16:55.574Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 68ff792cba6dffc5e2fb2acd
Added to database: 10/27/2025, 1:52:44 PM
Last updated: 10/27/2025, 1:52:52 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2025-50055: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in OpenVPN Access Server
UnknownCVE-2025-12282: Cross Site Scripting in code-projects Client Details System
MediumCVE-2025-12281: Cross Site Scripting in code-projects Client Details System
MediumCVE-2025-60291: n/a
HighMassive China-Linked Smishing Campaign Leveraged 194,000 Domains
MediumActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.