CVE 8.5 HIGH

CVE-2025-63526_CVE-2025-63526

December 1, 2025 invoker category_cve

8.5 / 10

HIGH

CVSS:3.1/AC:L/AV:N/A:N/C:H/I:L/PR:L/S:C/UI:N

Description

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System within the abs.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg parameter, which is then executed in the victim's browser when the page is viewed.

AI Analysis

Cross-site scripting (XSS) vulnerability in the Blood Bank Management System

Basic Information

ID CVE-2025-63526

Source mitre

Published Dec 1, 2025 at 00:00

Modified Dec 1, 2025 at 19:34

Affected Product

Vendor Shridharshukl

Product Blood Bank Management System

Version n/a

Affected Versions n/a n/a n/a

CWE Classification

CWE-79

AI Assessment

AI Score 8.5 / 10

AI Severity High

Vendor Shridharshukl

Product Blood Bank Management System

Version n/a

References

{
    "lastseen": "",
    "description": "A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System within the abs.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg parameter, which is then executed in the victim's browser when the page is viewed.",
    "published": "2025-12-01T00:00:00.000Z",
    "modified": "2025-12-01T19:34:27.441Z",
    "type": "cve",
    "title": "CVE-2025-63526",
    "source": "mitre",
    "references": "https://github.com/Shridharshukl/Blood-Bank-Management-System\nhttps://drive.google.com/file/d/12yeOXW_sN69QjsQtW0_k9AGqozi1s0di/view?usp=sharing\nhttps://github.com/kiwi865/CVEs/blob/main/CVE-2025-63526.md",
    "id": "CVE-2025-63526",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:L/PR:L/S:C/UI:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Blood Bank Management System",
    "version": "n/a",
    "vendor": "Shridharshukl",
    "ai_description": "Cross-site scripting (XSS) vulnerability in the Blood Bank Management System",
    "ai_severity": "High",
    "ai_vendor": "Shridharshukl",
    "ai_product": "Blood Bank Management System",
    "ai_version": "n/a",
    "ai_score": 8.5
}

💭 Join the Security Discussion ❌ Cancel Reply