CVE-2025-12282: Cross Site Scripting in code-projects Client Details System
A vulnerability was identified in code-projects Client Details System 1.0. The affected element is an unknown function of the file /admin/manage-users.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used.
CVE-2025-12282: Cross Site Scripting in code-projects Client Details System
Description
A vulnerability was identified in code-projects Client Details System 1.0. The affected element is an unknown function of the file /admin/manage-users.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-10-26T16:17:02.544Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 68ff792cba6dffc5e2fb2adb
Added to database: 10/27/2025, 1:52:44 PM
Last updated: 10/27/2025, 1:52:52 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2025-50055: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in OpenVPN Access Server
UnknownCVE-2025-12281: Cross Site Scripting in code-projects Client Details System
MediumCVE-2025-12280: Cross Site Scripting in code-projects Client Details System
MediumCVE-2025-60291: n/a
HighMassive China-Linked Smishing Campaign Leveraged 194,000 Domains
MediumActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.